So you're working from home. Now what?
As we all adjust our way of working during the COVID-19 crisis, social distancing measures (whether they’re voluntary or government mandated) have led to a huge spike in working from home that even major players like Microsoft and Zoom have struggled to cope with.
Even in the midst of this pandemic, the World Health Organisation isn’t just reminding people to wash their hands and keep their distance, they have also issued a warning after multiple attackers posed as the WHO to try and solicit fraudulent donations for COVID-19 response funds. These coronavirus-themed scams are on the rise across multiple sectors, with the latest studies showing thousands of COVID-19 scam and malware sites are being created every day.
Exploiting an emotional response in phishing attacks isn’t new, but with the heightened anxiety around the world as the health crisis continues, your users are more vulnerable than ever. Unfortunately, there’s no honour among thieves, and we can expect this trend of increasing cybercrime to grow in line with COVID-19 infections.
With no real end in sight to this surge in remote working, it’s never been more important to ensure that your external perimeter is secure and key cyber vulnerabilities are closed. So how do you rapidly identify any gaps in your security to speed up your remediation efforts and keep users safe?
Automate wherever possible
Now is the time to make sure your cybersecurity preparedness and risk visibility are best practice, and as more and more of our colleagues take time off work due to illness your processes will need to be as simple and automated as possible. Make sure you’re using threat intelligence tools and solutions that surface and prioritise your high-risk vulnerabilities automatically, ideally with a stakeholder summary so that non-technical users can understand what’s at stake.
Keep an eye on your third parties
Even with the best security practices in the world, your online interactions with third parties (e.g. suppliers, partners) can leave you vulnerable if you’re not careful. This is particularly relevant as working patterns shift due to COVID-19, you may find the smaller third parties you work with are having to abruptly shift to online trading, and their lack of experience presents an unacceptably high level of digital risk to your organisation. Visualising your third parties’ security standards will be key in the next few months to identifying major cyber threats before they can impact your business.
Speed will be key
As criminals make the most of this disruption, they will be looking to move quickly before users adjust to working from home and use the heightened levels of distraction to their advantage in invoice fraud or credential theft. Your internal security processes will need to keep up with this attack velocity – make sure you’re acting proactively to blacklist suspicious domain permutations that have been registered for phishing attempts.
Don’t forget user behaviour
As with all security challenges, the technology you deploy is only as good as the humans using it. Are your users trained in cyber awareness to help them avoid unnecessary risk and spot attempted cyberattacks? If not, now would be a good time to enrol them into a virtual classroom to ensure they’re empowered to make the right decisions.
Whatever the next few weeks and months bring, we’re all in this together. Darkbeam is here to help you identify vulnerabilities in your working from home processes, secure your remote access users and identify threats faster than ever before. Get in touch today to find out more.