Advertise Here
Icon

Directory

IconActuaries
IconAssociations & Institutes
IconAuditors
IconBBBEE Consulting and Verification Agencies
IconBusiness Chambers
IconBusiness Process Management
IconBusiness Process Outsourcing
IconCall Centre Outsourcing & Sales
IconCompliance
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconDebit Order Collection Facilities
IconEducation and Training
IconFAIS
IconHuman Resources
IconInformation Technology and Software Partners
IconLegal
IconLife Insurance Companies
IconLife Insurance Products
IconOmbud
IconOutbound Sales
IconPolicy Administration
IconPolicy Trading
IconPublications
IconRe-insurance Companies
IconRegulatory Authorities
IconSales and Sales Management
IconSocial Grants (Government)
IconSurveys and Research
IconTraining Courses & Workshops
IconWellness Programs
Image
  Subscribe To »

Cyber Risk Implications of the Coronavirus Outbreak

Published

2020

Wed

18

Mar

The outbreak of COVID-19 has caused significant disruption to businesses and a degree of panic within the employee community. Companies across the globe are activating contingency and business continuity plans and are allowing employees to work from home to limit the spread of the virus. In a new reality where millions of people are working remotely, secure networks are now more critical than ever, according to Aon.

 

Zamani Ngidi, Cyber Solutions Client Manager at Aon South Africa outlines the practical steps organisations can take to remain cyber resilient amid the crisis. 

 

“Concern about the spread of the Coronavirus has triggered the largest “work-from-home” mobilisation in history.  The Coronavirus outbreak is highlighting the risk resilience, or lack thereof, of organisations. Not only as far as restrictions implemented from the Presidency are concerned, but also from a sustainability perspective and what that constitutes in a world where global economic activity is impacted,” says Zamani.

 

“Covid-19 will fundamentally change the way we conduct business in future in respect of mobile and remote working, and this has significant cyber risk implications.  Organisations will need to increase reliance on technology in order to navigate a business environment that is globally restricted in terms of physical movement and presence.  The ability of employees to work from home (connectivity) will become more pronounced, and when coupled with possible disruptions from load shedding, creates a unique set of risks for South Africa. 

 

“At the very least, organisations will need to reassess internal IT policies, crystalising risk mitigation efforts and re-assessing risk transfer programmes, arising from the dramatically increased reliance on technology for remote work forces,” says Zamani.

 

To remain operational and secure, Aon recommends that companies take the following steps:

  • Defend Against the Phishing Wave

Malicious actors will leverage the intense focus placed on the virus and the fear and panic it creates. Security researchers have already observed phishing emails posing as alerts regarding COVID-19. These emails will typically contain attachments which purport to offer information about the outbreak or updates on how recipients may stay safe. In an environment where people are stressed and hungry for more information, there is a lack of commitment to security best practices.

 

This is the time for organisations to remind employees of the need for vigilance and the dangers of opening attachments and links from untrusted sources. Running a simulated spear phishing campaign can also demonstrate the level of resilience to these attacks. At a more technical level, up-to-date antivirus and monitoring tools can limit the effectiveness of these attacks.

 

  • Test System Preparedness

Organisations will be experiencing an unprecedented amount of traffic accessing the network remotely. Companies with an agile workforce have been preparing for this contingency for some time and will be well-equipped to maintain network integrity through the use of sophisticated virtual private networks (VPNs) and multi-factor authentication. Enterprise security teams are recommended to increase monitoring for attacker activities deriving from work-from-home users, as employees’ personal computers are a weak point that attackers will leverage in order to gain access to corporate resources.

 

For those less prepared, COVID-19 presents a challenge. There is a risk that the increased volume of network traffic will place a strain on IT systems and personnel, in addition to employees accessing sensitive data and systems via unsecure networks or devices. We recommend that these organisations migrate as quickly as possible to remote working and Bring-Your-Own-Device (BYOD) standards. VPNs should be patched regularly (for example, a vulnerability in the Pulse Secure VPN was patched in April 2019 but companies which failed to update were falling victim to ransomware in December) and networks should be load-tested to ensure that the increased traffic can be handled.

 

  • Brace for Disruption

A remote workforce can make it more difficult for IT staff to monitor and contain threats to network security. In an office environment, when a threat is detected, IT can immediately quarantine the device, disconnecting the endpoint (i.e. the compromised computer) from the corporate network while conducting investigations. Where users are working remotely, organisations should ensure that, to the extent possible, IT and Security colleagues are readily contactable and ideally able to physically address a compromise at its source. Sophisticated endpoint detection and response (EDR) software can also be used to quarantine workstations remotely, limiting the potential for malicious actors to move through the network.

 

As this risk moves beyond the technical, companies should adopt an enterprise risk approach. This can include rehearsing business continuity plans (BCP) and senior management response through tabletop crisis simulations that focus on cyber scenarios as well as how pandemics and other similarly disruptive events are likely to impact upon automation, connectivity and cyber resilience.

 

Companies can also safeguard against the increased risk of disruption through a robust cyber insurance policy which, in the event of a digital disruption to systems, can provide cover for business interruption losses, as well as the costs of engaging forensic experts to investigate and remediate a breach.

 

“COVID-19 presents many challenges to businesses across the entire globe but developments in technology means companies can remain operational and nimble in the face of uncertainty. Keeping a finger on the pulse of the pervasive cyber threats in the midst of this crisis is critical to ensuring that the increased reliance on connectivity and technology don’t scupper productivity any further,” concludes Zamani. 

 
Source: TS COMMUNICATIONS
 
« Back to previous page Print this page » |
 

Breaking News »

The Pandemic, Physical Damage, Business Interruption Losses and Reinsurance

The Pandemic, Physical Damage, Business Interruption Losses and Reinsurance How is your 2000 piece jigsaw puzzle progressing?   Coronavirus and physical damage You may have seen reference ...
Read More »

  

1Life donates to frontline health workers

1Life has donated R500 000 to Gift of the Givers to assist frontline medical workers fight COVID-19. “Medical workers are at the coalface of the pandemic. It’s because of them – their ...
Read More »

  

Covid-19: Impact on banks, non-insurance financial institutions & expectations on regulated entities

by Danelle Prinsloo, Lenee Green, Johann Scholtz, Dawid de Villiers, Kent Davis from Webber Wentzel   In response to the Covid-19 emergency, the South African Reserve Bank (Reserve ...
Read More »

  

Coronavirus: Short-term closure of plants or premises can pose risks for companies

The potential for damage from fire or lack of maintenance can increase in mothballed or idle production facilities and industrial plants. Companies from the automotive, aviation or mechanical engineering ...
Read More »

 

More News »

Image

Healthcare »

Image

Investment »

Image

Retirement »

Image

Short-term »

Advertise Here
Image
Image
Advertise Here

From The Glossary »

Icon

Misrepresentation:

Information supplied by the insured to the insurer which is incorrect to a material degree. The supply of such information whether innocently or fraudulently gives the insurer the right to repudiate the contract.
More Definitions »

 

Advertise

 

eZine

 

Contact IG

 

Media Pack

 

RSS Feeds

By using this website you agree to the Terms of Use.
Copyright © Insurance Gateway (Pty) Ltd 2004 - 2020. All Rights Reserved.