The Coronavirus pandemic has created a challenge for businesses around the globe to continue operating despite massive shutdowns of offices and other facilities.
Overnight, the dependency and demand placed on digital infrastructure has skyrocketed, providing an opportunity for cyber criminals to take advantage of anxiety and uncertainty over COVID-19 with a host of new scams.
A study conducted by Comparitech ranked Australia 62 in terms of being the most cyber-secure country in the world this year, dropping 12 places compared to the year prior. The study also estimated that around one in twenty mobiles and one in ten computers are infected.
The average cost of a cyber-attack to a business in Australia is over a quarter of a million dollars – caused both by the value of the stolen data and the time taken – several weeks in many cases, to resolve.
Now that many organisations have rolled out new capabilities, they should start preparing themselves for the aftermath. What will be the new working environment? Which new and existing practices will persist? What new IT security measures need to be implemented?
The answers to these questions may not be known for some time, however it is clear additional IT security measures post COVID-19 will be required, including some or all of the following:
- New operating model: Increased remote worker monitoring and support. IT rights will require closer examination
- Reset security systems: IT systems will need to be analysed and assessed as to whether they are sufficiently robust, as cybercriminals may have found ways to gain entry into the network. The access rights granted during COVID-19 will require a review
- Protect remote devices: Use of strong encryption methods on home Wi-Fi routers, as well as strong passwords and two-factor authentication
- New cyber risks: The new cyber risks emerged during pandemic must be understood and evaluated against the organisations existing IT security capabilities
- Educate staff: Provide ongoing cyber security training to staff, including teaching employees about phishing scams and methods to verify email senders and embedded URLs before clicking
- Update business continuity plans: The existing plan should be reviewed and updated to include a pandemic-like scenario and regularly tested.
Addressing these areas will go some way in protecting a business and its employees even in the most uncertain of operating environments.
We are here to help. Go to our COVID-19 Resource Centre for further insights to help you and you business during this challenging time.
This article was authored by Kapil Kukreja, HLB Mann Judd Melbourne.