Protect your business from cybercrime
The shift to working from home has made businesses more vulnerable to data theft and fraud
The night shift to work from home due to the
Hackers have found multiple ways to exploit weak IT infrastructure in employee homes to steal user credentials, using phishing scams to exploit people’s anxiety and desire for news and updates, and attacking online meeting platforms like Zoom. In this new scenario, organizations face the daunting task of identifying and closing potential security holes and eliminating or mitigating related cyber risks, even when grappling with business disruption. supply chain, manufacturing shutdowns and the economic impact of the COVID pandemic.
Indeed, the frequency and extent of
So, most organizations have taken some basic steps like prohibiting employees from using company-supplied laptops / computers for personal use so that the devices are only used for work-related activities. Notices asking them to strictly follow company guidelines such as usage
However, all of this is not enough. Businesses must go beyond the simple
Ransomware is a type of
Protecting your systems from ransomware attacks involves fundamental aspects of cybersecurity, such as changing default passwords on all access points, training employees not to click on suspicious email links , maintaining up-to-date data backups without the use of USB drives, and updating all operating systems, applications and system software on time.
Considered the leading cause of cyberattacks worldwide, phishing is a type of social engineering attack where the attacker attempts to steal sensitive information such as passwords, or trick people into installing software. malicious by appearing to be from a trustworthy source. Using multi-factor authentication and training employees to recognize phishing emails can help prevent a cyberattack.
This happens when classified information is passed from an organization’s systems to the outside world, intentionally or accidentally. This type of security incident can be damaging, costly, and time consuming to discover and repair.
Data leaks can be prevented in a number of ways by identifying and monitoring access and activity to critical data using solutions such as data loss prevention (DLP) or digital asset management (DAM). ) or both in tandem. These solutions enable the use of data encryption, control of your network, and the implementation of endpoint security measures to improve data security.
Trade-offs of professional emails
Hackers use various tricks to perpetrate cyber attacks, and companies should provide cyber security training and awareness to employees on this subject. In a recent case of business email compromise, cybercriminals forged emails to redirect a payment of Rs 62 lakh from a reputable cosmetics company, intended for one of its overseas suppliers, to their own. Bank accounts. Such attacks are on the increase and in a work from home scenario, where employees are not face to face asking for clarification, they can result in huge monetary losses.
A high degree of vigilance and situational awareness is required to prevent such attacks. In addition to being advised to be cautious and vigilant in the face of such attempts, companies should implement tighter controls to create a culture of safety.
One of the most underrated cyber threats is that of an insider causing data breaches through negligence or to deliberately harm the organization. In today’s work-from-home scenario, both possibilities are very real. For example, home workers may be momentarily distracted and make mistakes, while disgruntled employees who have been fired may deliberately compromise information security.
To avoid this, organizations may need to increase monitoring of user behavior, implement segregation of duties, and follow an access principle that offers the least privilege only to the extent necessary to perform the job.
Cyber threats are constantly evolving and long-term measures are needed to combat them. Organizations will continue to be the target of, and likely to be, cyber attacks. It is up to leaders to actively develop protocols, controls and policy guidelines that can address cyber risks and protect their data even as we move forward in a new way of working.
– Author of CyberStrong: A Primer on Cyber Risk Management for Business Managers (SAGE Publications India)