Advertise Here
Icon

Directory

IconActuaries
IconAdministration Outsourcing
IconAsset Managers
IconAssociations & Institutes
IconAuditors
IconBanking
IconBBBEE Consulting and Verification Agencies
IconBusiness Chambers
IconBusiness Process Management
IconBusiness Process Outsourcing
IconCompliance
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconCurrencies
IconDebit Order Collection Facilities
IconEducation and Training
IconFAIS
IconHuman Resources
IconInformation Technology and Software Partners
IconInvestment Consulting
IconInvestment Fund Managers
IconLegal
IconLISPs
IconListed Equities
IconOmbud
IconParticipation Bond Managers
IconPolicy Administration
IconPolicy Trading
IconProperty Unit Trusts (PUTS)
IconPublications
IconRegulatory Authorities
IconStock Exchange
IconSurveys and Research
IconTraining Courses & Workshops
IconUnit Trust Fund Managers
IconWellness Programs
Image
  Subscribe To »

Cyber Risk Implications of the Coronavirus Outbreak

Published

2020

Wed

18

Mar

The outbreak of COVID-19 has caused significant disruption to businesses and a degree of panic within the employee community. Companies across the globe are activating contingency and business continuity plans and are allowing employees to work from home to limit the spread of the virus. In a new reality where millions of people are working remotely, secure networks are now more critical than ever, according to Aon.

 

Zamani Ngidi, Cyber Solutions Client Manager at Aon South Africa outlines the practical steps organisations can take to remain cyber resilient amid the crisis. 

 

“Concern about the spread of the Coronavirus has triggered the largest “work-from-home” mobilisation in history.  The Coronavirus outbreak is highlighting the risk resilience, or lack thereof, of organisations. Not only as far as restrictions implemented from the Presidency are concerned, but also from a sustainability perspective and what that constitutes in a world where global economic activity is impacted,” says Zamani.

 

“Covid-19 will fundamentally change the way we conduct business in future in respect of mobile and remote working, and this has significant cyber risk implications.  Organisations will need to increase reliance on technology in order to navigate a business environment that is globally restricted in terms of physical movement and presence.  The ability of employees to work from home (connectivity) will become more pronounced, and when coupled with possible disruptions from load shedding, creates a unique set of risks for South Africa. 

 

“At the very least, organisations will need to reassess internal IT policies, crystalising risk mitigation efforts and re-assessing risk transfer programmes, arising from the dramatically increased reliance on technology for remote work forces,” says Zamani.

 

To remain operational and secure, Aon recommends that companies take the following steps:

  • Defend Against the Phishing Wave

Malicious actors will leverage the intense focus placed on the virus and the fear and panic it creates. Security researchers have already observed phishing emails posing as alerts regarding COVID-19. These emails will typically contain attachments which purport to offer information about the outbreak or updates on how recipients may stay safe. In an environment where people are stressed and hungry for more information, there is a lack of commitment to security best practices.

 

This is the time for organisations to remind employees of the need for vigilance and the dangers of opening attachments and links from untrusted sources. Running a simulated spear phishing campaign can also demonstrate the level of resilience to these attacks. At a more technical level, up-to-date antivirus and monitoring tools can limit the effectiveness of these attacks.

 

  • Test System Preparedness

Organisations will be experiencing an unprecedented amount of traffic accessing the network remotely. Companies with an agile workforce have been preparing for this contingency for some time and will be well-equipped to maintain network integrity through the use of sophisticated virtual private networks (VPNs) and multi-factor authentication. Enterprise security teams are recommended to increase monitoring for attacker activities deriving from work-from-home users, as employees’ personal computers are a weak point that attackers will leverage in order to gain access to corporate resources.

 

For those less prepared, COVID-19 presents a challenge. There is a risk that the increased volume of network traffic will place a strain on IT systems and personnel, in addition to employees accessing sensitive data and systems via unsecure networks or devices. We recommend that these organisations migrate as quickly as possible to remote working and Bring-Your-Own-Device (BYOD) standards. VPNs should be patched regularly (for example, a vulnerability in the Pulse Secure VPN was patched in April 2019 but companies which failed to update were falling victim to ransomware in December) and networks should be load-tested to ensure that the increased traffic can be handled.

 

  • Brace for Disruption

A remote workforce can make it more difficult for IT staff to monitor and contain threats to network security. In an office environment, when a threat is detected, IT can immediately quarantine the device, disconnecting the endpoint (i.e. the compromised computer) from the corporate network while conducting investigations. Where users are working remotely, organisations should ensure that, to the extent possible, IT and Security colleagues are readily contactable and ideally able to physically address a compromise at its source. Sophisticated endpoint detection and response (EDR) software can also be used to quarantine workstations remotely, limiting the potential for malicious actors to move through the network.

 

As this risk moves beyond the technical, companies should adopt an enterprise risk approach. This can include rehearsing business continuity plans (BCP) and senior management response through tabletop crisis simulations that focus on cyber scenarios as well as how pandemics and other similarly disruptive events are likely to impact upon automation, connectivity and cyber resilience.

 

Companies can also safeguard against the increased risk of disruption through a robust cyber insurance policy which, in the event of a digital disruption to systems, can provide cover for business interruption losses, as well as the costs of engaging forensic experts to investigate and remediate a breach.

 

“COVID-19 presents many challenges to businesses across the entire globe but developments in technology means companies can remain operational and nimble in the face of uncertainty. Keeping a finger on the pulse of the pervasive cyber threats in the midst of this crisis is critical to ensuring that the increased reliance on connectivity and technology don’t scupper productivity any further,” concludes Zamani. 

 
Source: TS COMMUNICATIONS
 
« Back to previous page Print this page » |
 

Breaking News »

Association for Savings and Investment South Africa (ASISA)

ASISA commits to B4SA compact for economic recovery The Association for Savings and Investment South Africa (ASISA) and its members are firmly committed to the new social and economic compact being forged between ...
Read More »

  

POPI BREACH COULD MEAN FINES OF UP TO R10 MILLION AND A 10-YEAR JAIL SENTENCE

Where to start for SA businesses?   09 July 2020: Parts of the long-awaited Protection of Personal Information Act 4 of 2013 came into force on 1 July 2020, and companies will have a period of one year ...
Read More »

  

Asia Corporate Payment Survey 2020: COVID-19 will overturn last year’s incipient recovery

After a 2019 that was dominated by trade tensions between the United States and China, Coface has observed an incipent recovery in Asia (excluding China), supported by supply chain shifts and additional liquidity ...
Read More »

  

Coface finalises the acquisition of GIEK Kredittforsikring AS

Coface announces the closing of the acquisition of GIEK Kredittforsikring AS, a company created in 2001, and owned by the Norwegian Ministry of Trade, Industry and Fisheries, that manages a short-term export credit ...
Read More »

 

More News »

Image

Healthcare »

Image

Life »

Image

Retirement »

Image

Short-term »

Advertise Here
Image
Image
Advertise Here

From The Glossary »

Icon

Expert:

A person with extensive and proven knowledge and experience of estate planning, wills, trusts and deceased estates as well as all laws and estate planning techniques that are involved.
More Definitions »

 

Advertise

 

eZine

 

Contact IG

 

Media Pack

 

RSS Feeds

By using this website you agree to the Terms of Use.
Copyright © Insurance Gateway (Pty) Ltd 2004 - 2020. All Rights Reserved.