‘Never let a crisis go to waste’ could be the new mantra of hackers during the COVID-19 outbreak. Of course, bad actors with bad intentions would take advantage of and prey on the fears of the world.
During this time, it’s especially important to keep IT controls and security awareness top of mind. The controls an organization has in place are more important now than ever from the seemingly minute to the more complex. Business continuity and disaster recovery plans and incident response processes are being put to the test. The importance of testing these processes before an actual event has been highlighted.
So what’s going on and what should your organization be on the lookout for?
Phishing campaigns and malware are popping up specific to the current pandemic. An Android app that promises real-time information related to the coronavirus is actually ransomware in disguise, emails with details about emergency processes targeted to organizations and universities alike abound, websites laced with malware are abundant specifically around maps and tracking of the virus and the list goes on and on.
All those social engineering exercises you (should have) completed are hopefully paying dividends but now is not the time to rest on your laurels – reiterating best security practices and continuing to keep the control environment strong is crucial.
Remind your employees often about current events as it relates to security compromises – do not open emails from unknown senders, don’t click on random links out of curiosity, don’t download new apps without doing your research (or at all right now). The best place to get information related to the virus should be directly from the source; government websites, news stations and the company intranet and email.
Frequent, easily digestible communication to employees is key. Diligence and prudence will not only get us through this time from a health perspective, but also from a security one.
With cases of COVID-19 emerging in nearly every state, it's important to be prepared for any cybersecurity risk that may occur. For questions on how to establish security guidelines or with help reviewing your current information security, contact a Weaver professional today.
Resilience and Recovery Resources
Read related articles and reference materials to help you equip your team and organization for recovery and resilience. If you need assistance in crafting your team's response to current market events, please contact our Weaver professionals as we are here to assist you during this time.
Read More Insights