Transitioning safely to the “new normal”

Where available, businesses had to invoke business continuity procedures, like remote working practices for their employees. The use of the internet has become the channel for effective human interaction, the primary way we work, contact and support each other.

Whilst businesses are operating in “survival” mode, management also needs to be aware of the risks related to reliance on digital tools including the risk of cyberattacks which have reached new heights now that businesses are operating in a business continuity model. Cybercriminals exploit human weaknesses, namely by instilling elements of fear, uncertainty and doubt to penetrate systems. In the “new normal”, people tend to make mistakes they would not have made otherwise.

Change is never easy and people adapt to change at different rates. As a result, people are subjected to increased stress and may take actions that would be considered irrational in other circumstances. For example, a recent global cyberattack targeted people looking for visuals of the spread of COVID-19. The malware was concealed in a dashboard map displaying coronavirus statistics loaded from a legitimate source. Users were asked to download and run an application that compromised the computer and allowed hackers to access their computers.

Practical actions for managing cyber risk

Just as addressing the COVID-19 pandemic requires changing our social habits and routines to reduce infection rates, a change in our online behavior can help maintain high levels of cybersecurity. Some practical actions include:

• Be far more careful than usual when installing software and giving out any personal information.
• Do not click on links from emails, the source of which you are not familiar with.
• When signing up to new services, verify the source of every URL and ensure the programmes or apps you install are the original versions from a trusted source.
• Use trusted sources of data on the spread and impact of COVID-19.
• Ensure to update your system software and applications regularly to patch any weaknesses that may be exploited.
• Ensure that anti-malware systems are kept up to date on all devices. Check email addresses carefully to ensure that the sender is legitimate.

On a final note, companies’ networks have now been extended to not just the physical office premises but to each employee’s residence. Home networks are typically not secured in a similar fashion as a corporate office. All it takes is one of the electronic devices at home to get electronically infected, potentially spreading to all devices inside the household. As a result, always check that you have a long, complex router password for your home Wi-Fi network and that system firewalls are active on your router. Ensure that you are not reusing passwords across the web, use only approved VPN software to access your office resources and ensure that any smart devices you use in your home have the latest firmware installed.