Even before the onset of the Covid-19 crisis, cybersecurity was a growing concern with companies and individuals being increasingly vulnerable to ransomware, intellectual property theft and operational disruption. Coronavirus has upped the stakes manifold, with executives now working remotely from generally less-secure domestic networks and phishing emails exploiting consumers’ health and economic fears. Cyberthreats have existed in different formats since the web became the medium for business and transactions.
While your Spam folder might still lodge those unsolicited emails promising you millions of dollars, the scale of such deceptions pale in comparison to the extent of manipulative practices that are prevalent now. The threats, today, are more immediate and extremely disruptive. In the face of such vulnerabilities, it is imperative that cybersecurity protocols are in place, and more importantly, regularly updated to address new and emerging threats.
Cybersecurity is not just an issue related to business disruption. Turning to home, remote working has pushed parents and children onto the same networks, which is never an easy combination at the best of times. By now, most of us have set clear physical boundaries between professional and family life, but attitudes towards devices and networks are often more fluid.
The solution: adhere to the basics: avoid open networks; use intelligent passwords that aren’t repeated on different devices; be careful when sharing any personal or family data; and log off and shutdown devices when they’re not in use. The phrase family computer is worrying and you should ideally keep your work and leisure separate.
Remote working gives us more opportunity for interaction. Take interest in what your children are watching or clicking. Beware of holiday scams; if something sounds too good to be true, it probably is. Treat your home printer like any other computer, if it’s connected to the internet, it’s vulnerable to attack. Ensure that your network is private and can only be accessed with a secure password mixing letters, numbers and characters.
Waste disposal shouldn’t be overlooked either; make sure anything confidential is shredded. Nearly one in two, 47%, managers of businesses across EMEA are aware of instances of documents going missing inside their organisation, while 46% are aware of employees losing documents outside the office.
As tempting as it sounds, avoid free cloud software tools for collaboration and storage which have not been vetted by your organisation. They might be simple to use, but may not be secure. There are two valuable support sites. The first, www.haveibeenpwned.com, allows you to see if your email has been hacked; and www.nomoreransom.org, will help you should you fall victim to ransomware.
Accountability at every stage
Throughout the pandemic, we’ve heard war analogies and without question, at home and work, cybersecurity is one large battlefield. Modern business is built on risk and the superb efficiencies we gain through digitisation must always be balanced by robust measures to protect organisations. Organisations across the world must collaborate to learn from attacks; and the problem with this enemy is that, much like COVID, attacks are invisible, global and highly mobile.
Last year’s Hiscox Cyber Readiness Report, which surveyed cybersecurity professionals in the UK, US, Belgium, France, Germany and Spain, found 61% of European and US businesses reported a cyber security attack in the last year, compared to 45% from the previous year.
According to a survey by Proofpoint, a cybersecurity company, over 80% of organisations in the UAE reported at least one cyber-attack in 2019. It also found that over half of the organisations reported multiple incidents, with credential theft and phishing topping the list of common attack vectors.
On the bright side, the Middle East Cybersecurity market is projected to grow from $16.1 billion in 2020 to $28.7 billion by 2025. Another positive move is the new federal law on consumer protection, with provisions on data security included, which recently moved closer to being finalised after approval by the UAE parliament.
Saudi Arabia’s Vision 2030 and Vision Realisation Programmes have increased the focus on digital enablement and spurred the adoption of digital technologies as a key element in its economic diversification. Saudi children are being educated by the risks, through collaborations such as Kaspersky’s with the Cyber Security for Children Association, CyberKids.
Beyond government and company protocols and initiatives, responsibility falls on individuals too. Every cog in your workforce and supply chain must be accountable. It’s shocking, in 2020, how many firms still have a single admin password for their desktops and laptops. You wouldn’t leave your front door unlocked overnight, so don’t do the same with your IT; every device must be thoroughly protected, passwords should be constantly updated, be wary of clicking on bogus emails and ensure your anti-virus software is always up to date.
With the crisis accelerating digital transformation, this heightens security challenges, at a time when the need to improve safety protocols has never been greater. In fact, most recently, Dubai Police warned members of the public to be vigilant against online cybercriminals and spammers when using social media platforms.
With greater vigilance about cybersecurity at home and work, there is still time to improve the 2020 figures.
By Quentyn Taylor, Director of Information Security at Canon EMEA.