My two cents will not tell you about the human trials for the Corona virus vaccine or the timeline for the global immunization, and how many times you have to wash your hands daily. My guidance does not include foot-shaking or the type of the hand-gel you are recommended to use in your office.
What you will find in this piece is how to protect your company against notorious phishing attacks.
Attackers exploit people’s fears and stress specifically in tumultuous times like this, and unfortunately Corona outbreak is not an exception for this. It was only the second week of the outbreak that we heard about phishing attacks related to Corona virus.
Cyber hackers/criminals do not hesitate a second and they adapt themselves to any confusion nearly at light speed. Practicing reactive measures against phishing attacks may not be the best solution you might want to have. One click could be a beginning and the first step of an Advance Persistent Threat-APT that could end up with the ruin of your company. Same as the vaccines, companies have a tendency to strengthen the cyber-immunity systems of their employees. The best way to have a healthy immunity system against such attacks is possible by training your employees and raising cyber security awareness.
Getting into the details of having multiple layers of security and a solid understanding for cyber security from top management to all the employees have the utmost importance for the companies, yet these are the alpha and the omega of the cyber security, though not the objective of this article.
These days, most of the people have been working remotely from their homes. They might have comfortable chairs, a cozy environment and relaxed dressing code. However, the elephant in the room is that home-networks are not well protected as opposed to the ones at offices, no fancy firewalls or Intrusion Prevention Systems-IPS. Moreover, the ambience at home could degrade the perception of threats leaving them more prone to possible cyber-attacks. According to Taewoo Nam, “Social trust decreases perceived cyber threats and increase perceived preparedness “. With an increasingly high-level social distrust among today’s society, “Bring your own device-BYOD” policies and technologies play a more important role.
Perpetually increasing attacks have been targeting the employees working from their homes. Keeping in mind, providing such employees VPNs, encryption tools or remote collaboration tools might be an option in order to communicate, work and produce more securely from home, yet, in today’s world they might not be sufficient. The line between working life and personal life balance is very unclear, specifically when people need to work from their homes under different kinds of stress.
Therefore, as a company, one needs to come up with additional measures such as beyond BYOD.
- Provide antivirus software for home-usage if needed.
- Provide cyber security trainings, for professional life as well as personal life.
- Train on how to secure their home networks.
- Raise awareness regarding how to use social media.
Remember your employee is your best asset, not only between 8 am and 5 pm but at all times. You need to protect your assets all the time and everywhere. Sure, this eventually will also serve your company’s interest.
As a manager one needs to know himself and also let his co-workers know the nature of the phishing attacks to see things beyond. So, they could be able to adapt themselves to any possible upcoming threats. That is eventually how you can produce a vaccine in a complex cyber space.
* Non-Resident Specialist on Cybersecurity