Hackers Love The Coronavirus – What Can Your Business Do About It?
The COVID-19 outbreak has brought with it a host of new issues and concerns for businesses as they focus their efforts on protecting their employees, workstreams, and revenues. It is a worrying time with rapidly changing scenarios, advice, and understandably the concern for people’s wellbeing is rising.
The pandemic has brought a wave of disruption to workplaces. Organizations have had to make an unprecedented transition to remote working — for most, in the span of a few days. According to a survey by Workhuman, only a third of people in the United States worked from home before the pandemic spread.
Consequently, as employees disperse to their homes, organizations are facing a set of unique challenges: how to keep as many business-critical functions running as possible, whilst maintaining adequate security measures, and shielding sensitive and personal company data from sophisticated hackers.
The pandemic has unfortunately created an atmosphere in which scammers and hackers thrive. Cybercriminals exist to find and exploit vulnerabilities or weaknesses in various systems – phishing attacks alone have risen an unprecedented 667 percent in the UK since February.
The sudden increase of remote working seen over the last few months has created a new opportunity for hackers to exploit. They know individuals are searching for safety information online, and are taking advantage of the new remote working landscape and people’s willingness to click on malicious links or open attachments.
The battle between wanting employees to work from home and the fear of potential security lapses can cause a big headache, and a whole new list of cybersecurity considerations, for business leaders.
Below are three key tips for business leaders to consider, in this “new normal” landscape.
Companies should review data breach and incident response plans, to ensure that organizations are prepared for responding to a data breach or security incident. Update the plans if necessary with contact information for the (now) remote incident response team, and outside advisors. The increased security risk when working from home reinforces the need to have a plan of action in place if something goes wrong.
Businesses need to nurture a company-wide culture in which ‘flagging up’ or ‘calling out’ potential security risks or breaches is the new standard. And where mishaps are not ignored. Managers need to be familiar with applicable security guidelines, plans, and policies and ensure that relevant information is flowed-down throughout the entire organization.
There is often a lack of transparency around possible security risks, leading to delayed identification and the communication of improvements. Considering 70 percent of workplace mistakes are a result of poor communication, companies need to include staff in open conversations around security so that potential breaches can be flagged up in real-time.
It is important to note, that many employees are not clued up on security, and some may have never worked remotely before. Providing them with a steady flow of information and training is therefore critical.
Over 80 percent of data breaches are caused by compromised passwords. The cost to companies, not just in technical but reputational damage, is unparalleled. Weak passwords remain a critical issue for businesses, particularly as 19 percent of enterprise professionals use poor quality passwords (such as 12345), and 13 percent of professionals share passwords with other users and teams, and between different accounts.
Removing the password from the authentication process and implementing multi-factor biometrics, which use a combination of device possession and physical biometrics – as well as artificial intelligence-powered behavioral and location intelligence within an open platform – will be key to reducing cyberattacks and eliminating associated costs from data breaches.
More and more organizations are realizing the benefits of taking a multi-factor biometric approach to security, which can not only highlight and prevent 99.9 percent of all automated cyberattacks on websites and other online services but provide a more seamless and frictionless user experience.
Passwordless authentication can also improve employee productivity and aid the stress of overwhelmed IT desks – not having to remember or reset complicated password procedures at frequent intervals, saves a lot of time. IT professionals will instead be free to achieve real business objectives, and the company itself will see huge organizational cost savings – up to 50 percent of the thousands of daily IT helpdesk requests are password resets, at a cost of around $70 dollars each.
The business landscape will most certainly change in the long term as flexible working becomes the new norm. This pandemic will see a number of businesses overhaul their remote working strategies, and strengthen their defenses, by adopting better access controls across their entire ecosystem.
There are a lot of short term fixes that offer some, but not total, security – for instance, sending a flow of pertinent security information down between teams. But without a doubt, passwordless authentication, and in particular non-repudiation biometric technology, needs to be considered and factored into all critical business planning.
This is a decision that needs to be made by many organisations before they too are caught out. It is a decision that will secure the future of a company, as well as cutting costs and improving user experiences. It is a decision that should not wait – hackers aren’t going anywhere, but your business may be.
Written by James Stickland. Have you read?
# Ranking of the World’s best countries for Cultural Influence, 2020
# Ranking of the world’s most powerful people, 2020
# Ranking of the World’s best countries for its citizens to live, 2020
# Ranking of the World’s most powerful women, 2020
Follow CEOWORLD magazine headlines on: Google News, LinkedIn, Twitter, and Facebook.
Thank you for supporting our journalism. Subscribe here.
For media queries, please contact: firstname.lastname@example.org