Cyber Criminals & Pandemics… Oh My! (Part 1 – Let’s begin)

“Are you part an organisation that is weathering through the many challenges of COVID? …

Have you understood how your Cyber Security could affect your business during times like this? …

Read on to see the areas you should consider in safeguarding your employees, your customers, and your business during and moving forward from, these challenging times.”

With the effects of COVID, lots of organisations have either built or extended their capability to allow employees to work remotely. Although this might be a new development for some organisations, most organisations had already explored the remote work options prior to the COVID episodes. For some organisations it was the benefit of cost saving from real estate where having to house multiple internal teams, visiting staff, contractors and other third-party vendors was beyond the effort to cost benefit. The rapid increase of remote work technologies including Virtual Private Networks (VPNs) meant that companies can cross such real estate and logistic boundaries and expand their workforce to allow their employees to work from pretty much any location that has a reliable internet connection and a safe work environment.

“In the world of cyber security, for criminals, there is no shortage of opportunities to abuse.

Let it be a financial crisis, a global pandemic or even in good times, motivated cyber criminals will always find ways to prey on the vulnerable … “

For these criminals it is just a change in season where new and different opportunities present with no lack of financial gains to make via ill means. For us to better understand this cyber security context, we need to be able to look at it from a cyber criminal’s perspective. This can be referred to as a seeing the world of digital economy through the lens of a cyber hacker.

The nature of cyber criminals is to target all possible avenues to compromise the security of a victim. For an organisation this could mean:

  • Their Public/Internet facing assets such as Websites, Servers, VPN Endpoints, and other Customer facing portals.
  • The Email Communications
  • The External and Internal Networks
  • The Mobile Applications and Services offered to Customers
  • The Human Link (Staff, Customers and Clients)

In the next post we will discuss the above with some examples.
Q. How are you auditing, safeguarding and reducing the organisation’s attack surface ?