While the entire world is struggling with the impact of COVID-19, cybercriminals see it as an opportunity they can exploit. According to the recent Kaspersky Security Network (KSN) report, India has witnessed a 37% surge in cyberattacks in Q1 2020, as compared to Q4 2019. The surge in internet usage and work from home measures due to the coronavirus outbreak in many countries have exposed loopholes in cyber defence system of several organizations.
The cyber attackers are taking advantage of the fear surrounding the COVID-19. There has been a substantial increase in the number of phishing emails connected to COVID-19. In some cases, hackers mount cyberattacks by asking users to download the latest data/news on coronavirus. The receiver unknowingly ends up providing vital information which leads to a compromised system/account.
Top 5 CyberSecurity Threats to Organizations:
- Vulnerable Mobile Apps
- Unencrypted Data
- Unsecured Third-party Services
- Exposed Virtual Private Networks (VPNs)
- Compromised End-user Devices
Organizations that were insufficiently prepared in normal times have been caught completely off-guard during the current crisis. This is leading to a demand for more robust cybersecurity architecture covering both the employees as well as customers. It’s in such times that digital solutions as a key mitigation tool for these threats gain utmost importance. The solutions should provide end-to-end security across multiple environments and should include new authentication methods and monitoring services.
Here are 10 most useful practices for organizations to ensure CyberSecurity:
- Comprehensive CyberSecurity guidelines need to be developed for employees working from home e.g. they should use company provided IT tools for collaboration which come with adapted levels of security.
- Run awareness campaigns across organization to educate employees on COVID-19 related CyberSecurity challenges.
- Updated firewall can block malicious activity before they reach other parts of the network.
- Enable around-the-clock event monitoring, event handling and security analysis of devices, networks and applications to detect cyber threat. This can be done by means of comprehensive Security Operations Center (SOC).
- Augment CyberSecurity capabilities with AI-enabled tools such as Identity and Access Management (IAM). This is critical as hackers with stolen credentials will attempt to access important data. However, this automation should be done carefully as any vulnerability in the implementation can also be used by hackers to launch a cyberattack.
- Make use of available tools like Encryption, Multi-factor authentication (like OTP, digital signatures etc.), VPN and scenario-based access policies among others.
- Use of biometric as MFA (Multi-factor authentication) such as retina scan, thumbprint or facial recognition is more secure as compared to OTP.
- Deploy security orchestration and automated response system. E.g. Company-issued devices can be remotely wiped clean in the event of a breach.
- Automatic logout can minimize the risk of a cyberattack by closing a user’s access after a few minutes of inactivity.
- Use of comprehensive IDS (Intrusion Detection Systems) that monitors network traffic for suspicious activity and issues alerts when such activity is discovered.
CyberSecurity capabilities will be stress-tested because of the surge in remote working during coronavirus outbreak. However, every crisis opens a window to new opportunities. The investment and emphasis that companies invest in CyberSecurity now will allow them to emerge more resilient in the future.
Clover Infotech’s CyberSecurity services can help financial institutions like organizations to build digital experiences while ensuring data security thereby accelerating business growth.
Write to us at marketing @cloverinfotech.com to know more and we will have our CyberSecurity experts assist you for the same.