If the Future is ‘Work From Home’- What About Cybersecurity?
from ukprofessional.online

If the Future is ‘Work From Home’- What About Cybersecurity?

Jack G. Jack G.

Jack G.

CFP ? Chartered FCSI | Chartered Wealth Manager | CIMA Management Accountant | Certified Data Analyst | Chartered Marketer

发布日期: 2020年12月12日
+ 关注

2020 has seen immense changes in the way that people work. WFM has become prevalent and new habits have formed. It is very unlikely, post-pandemic, that things will fully return to as they were before. This article explores some of the risks in terms of cybersecurity that the new ways of working have created.

If you think you know-it-all about cybersecurity, this discipline was probably ill-explained to you.
Stephane Nappo

The National Cybersecurity Centre gives some clear tactics which private individuals can use to mitigate cyber threats:

  • Use a strong a separate password for your email
  • Create strong passwords using three random words
  • Save your passwords in your browser
  • Turn on two-factor authentication (2FA)
  • Update your devices
  • Backup your data

For SMEs their advice is far more comprehensive and includes:

  • Password management
  • Backing up data
  • Having active cyber defence
  • Training of employees
  • Operational security
  • Monitoring
  • The use of encryption
  • Penetration testing

The Human Element

We like the following quote:

Companies spend millions of dollars on firewalls and secure access devices, and it’s money wasted because none of these measures address the weakest link in the security chain: the people who use, administer and operate computer systems.
Kevin Mitnick

Ultimately, any cybersecurity strategy relies on the human element. With WFM prevalent, it is likely that the human element is, arguably, far more important than ever before. A remote worker may be more of a risk to an organisation if he or she is not in as regular communication as they were before with an I.T. support team or is not receiving regular training.

The Rise of Social Engineering Attacks?

With workers in many cases experiencing less frequent communication than before it is likely that social engineering attacks will rise in the new home-working environment (it being a far less ‘controlled’ environment than e.g. a corporate office). Social engineering relies on the attacker gaining the victim’s trust. For this reason, basic security measures can mitigate this risk such as paying attention to emails, being wary of attachments and links, and being cautious of any urgent requests involving money.

A notable example:

Shark Tank television judge Barbara Corcoran was tricked in a nearly $400,000 phishing and social engineering scam in 2020 according to CNN. A cybercriminal impersonated her assistant and sent an email to the bookkeeper requesting a renewal payment related to real estate investments. He used an email address similar to the legitimate one. The fraud was only discovered after the bookkeeper sent an email to the assistant’s correct address asking about the transaction.

Summary

New attack vectors and new ways of working will increase the need for cybersecurity professionals able to rise to the challenge.

Authored on www.ukprofessional.online

要查看或添加评论,请登录

Jack G.的更多文章

社区洞察

其他会员也浏览了