As Britain enters its sixth week of Covid-19 lockdown, businesses and employees are well into the swing of working from home. However, now is not the time to relax your cybersecurity policies and procedures. In fact, your team will benefit from a reminder on how to ensure they are using best practices to protect your network from possible cyber-attacks.
Data protection and GDPR compliance is only one part of a comprehensive cybersecurity risk assessment and mitigation plan. However, most organisations fail to understand the level of risk involved, the best practices for mitigating that risk, and how to ensure procedures are in place so that cybersecurity threats can be contained and the business can recover quickly from an event. This is illustrated in the 2019 government survey on cybersecurity breaches, which showed that over a third (32%) of businesses, and more than a fifth of charities (22%), had observed cybersecurity breaches over the past 12 months. So how can organisations ensure their network is protected from cyberattacks?
Identifying and mitigating risk
Companies need to implement the countermeasures necessary to limit and contain cybersecurity exposure, especially if team members are working from home. The best form of defence, and best practice, is a strategy of rolling assessment and testing with an effective incident response plan. This is a risk-based approach in which the organisation works comprehensively to detect possible weaknesses and introduces processes to keep everyone informed of new threats. It boosts the chances of a fast and effective response to threats, increasing the likelihood of a quick and easy recovery when and if such an event occurs.
Instilling good security habits
A successful cybersecurity risk management plan must include a framework for ensuring that all employees observe safe online and digital communication practices. To protect against phishing emails and fraudulent instant messaging attachments, two of the most common types of cyber hacks, employees should be vigilant and never open a file or link from an unknown sender. Hovering over a link can help people check its details, and this may highlight a suspect email address or link. Rather than sending files over email, set up a shared file system from the many available. Virtual Private Networks (VPNs) provide protection against external hacking threats, such as a criminal trying to steal information during a transfer. However, VPNs cannot protect against physical viruses and malware. The only dependable protection against such threats is a stringent cybersecurity culture, which includes regular risk assessments and information sharing regarding new hazards.
All information is correct as of 28 April 2020.
LawBite will continue to issue additional advice on the impact of Covid-19 on businesses.