According to a Ponemon Institute report, losing your customer, employee, or other enterprise data to cybercriminals can prove to be extremely expensive. On average, a single data breach in the U.S. costs $3.86 million. It’s time for large and small businesses to be cyber resilient in a COVID-19 world that has seen a fourfold spike in reported cyberattacks, according to the FBI. Your business’s survival may hinge on how well you address the multiple cyber threats you weren’t facing before COVID-19. Read on to learn what’s different now in terms of cyber risks and what you need to do to protect your IT systems and data.
Remote Working is the New Normal
COVID-19 has forced many enterprises to let their employees work from home. However, most companies were not ready for a world where all or at least mission-critical workers require secure remote access to networks and applications. Before the pandemic, 88% of small business owners told the Small Business Administration (SBA) that they believed their business was prone to a data breach. The attack surface has increased today, and some of these enterprises may be much more vulnerable. Possible areas of cyber vulnerability include:
- Cloud access:
Transitioning from legacy software to cloud-based systems and databases may introduce new risks.
- Endpoint risks:
Before COVID-19, only a small percentage of companies let their employees access their networks via home routers and personal devices like smartphones and laptops. As your digital footprint grows, so does your cyber-attack surface.
- VPNs:
COVID-19 work from home policies has led to an increase in remote access Virtual Private Networks (VPNs). Cybercriminals are increasingly targeting these VPNs for hacking.
Watch Out for These Threats to Become Cyber Resilient
According to the Insurance Information Institute (III), these are the cyber threats many SMBs, and large enterprises are facing in the COVID-19 era:
- Phishing
Ideally, phishing isn’t a new cyber threat. However, by incorporating coronavirus messaging as bait in their attacks, innovative bad actors use the technique to get information from unsuspecting, less cyber-savvy staff. They usually send forged emails impersonating a legitimate entity, such as a COVID-19 non-profit or government COVID-19 relief agency/program.
- Malware Distribution
Some of the spoofed emails that COVID 19 cyber-attack victims are receiving these days include malicious payloads. The unsuspecting target only has to click on a link or an attached file to install malware on their PC. The malware may be designed to spread across the breached network quickly. In most cases, hackers are using this technique to deploy ransomware.
- Malicious Domains
In the year 2020, cybercriminals have registered multiple malicious domains with COVID-19-related wording. Such sites may host phishing forms or malware.
- Remote Attacks
Reports indicate hackers are launching remote cyber-attacks on newly and rapidly deployed remote access platforms, such as collaborative workforce software.
Cyber Resilient Best Practices
Here are measures you can adopt to protect your IT systems against advanced threats:
- Train your employees on password security and spotting phishing emails. Teach them about controlling physical access to their devices now that they may be sharing their remote working environment with other people.
- Restrict remote personal device access to only necessary corporate cloud resources for mission-critical workflows and tasks.
- Administer maximum security hygiene with up-to-date firewalls, antivirus software, strong passwords, and multifactor authentication.
- Backup your data by maintaining a copy of your enterprise database on-premise and another in the cloud.
Is your business cyber resilient enough to survive emerging threats in this coronavirus era? From cyber liability insurance to business interruption insurance, contact the professionals at Reata Insurance Group. We are ready to help you today!