By Bernie Cosentino, Vice President
Since the beginning of the digital age, protecting our information has been a concern. These concerns have never been greater as the spread of the coronavirus has triggered the mobilization of the largest work-from-home environment across the globe. Business continuity plans have mandated that employees set up their home computers and continue their job performance remotely.
In this “new normal” with millions of people following this protocol, experts in the cybersecurity field have laid out some concerns and steps to be taken.
Security researchers have already identified phishing emails posing as alerts regarding COVID-19, leveraging the fear and panic it creates. Up-to-date antivirus and monitoring tools can limit the effectiveness of these attacks, but as importantly, employees need to be vigilant and aware of the dangers of opening attachments and links from untrusted sources.
Many companies already had an agile workforce and were well-equipped to maintain network integrity through the use of VPNs—virtual private networks using a multifactor authentication for its users. Others have not. Those less prepared have a risk that the increased volume of network traffic will place a strain on the organization’s IT systems and personnel, and that employees will be accessing sensitive data via unsecured networks or devices.
VPNs are not completely invulnerable as companies who have implemented them but failed to update them are becoming victims of data theft and ransomware. These networks should be load tested to ensure the increased traffic can be handled.
Typically in an office environment, an IT staff member is on deck to monitor and contain threats to the network security. A remote workplace makes that much more difficult. Companies with employees working from home should have a readily contactable IT colleague to physically address a compromise at its source.
Even after stay-at-home orders are lifted, more and more organizations will likely continue with the remote work strategy. Even with all the safeguards in place to prevent data theft and ransomware, the bad actors will continue to hone their abilities to hack into private and public networks.
Companies can safeguard against the increased risk of disruption with a comprehensive cyber insurance policy that could provide coverage for business interruption losses as well as the cost of forensic experts to investigate and remediate a breach.
I would advise you to speak with your trusted insurance advisor to make sure you are protected against cyber breaches.