01 Oct 2020 | 08.13 am
DBI Issues Free Guide To Cybersecurity
Cybersecurity Awareness Month theme is ‘Think Before U Click’
01 Oct 2020 | 08.13 am
The theme of Cybersecurity Awareness Month ‘Think Before U Click’ focuses on the importance of personal accountability. Whether we’re checking personal emails or accessing the company server, diligence must always be exercised to avoid inadvertently opening the door to hackers.
European Cyber Security Month is coordinated by the European Union Agency for Cybersecurity (ENISA) and takes place each year during the month of October. The NCSC will share content from ENISA with tips on phishing, business email compromise, online shopping fraud along with personal data protection, cyber bullying and cyber stalking.
This year attackers have doubled down on social engineering (i.e. phishing) to exploit the disruption caused by the Covid-19 pandemic and take advantage the subsequent spike in the use of online services.
Managing cyber risk with a distributed workforce
For businesses, resilience and continuity strategies have had to adapt to distributed working in order to effectively manage the security challenges of the ‘new normal’. Chris Hodson, CISO at Tanium, describes how many of the issues that emerged at the start of lockdown resulted from considerably overestimating preparedness for the security challenges that came with shifting to a distributed working environment.
“Our research found that 85% of business leaders thought they were prepared to manage the shift to widespread WFH. This confidence turned out to be ill-founded, with 98% admitting they faced security challenges in the transition away from the office.
“Not only did widespread remote working exacerbate existing issues, it also created a host of new security challenges, allowing cyber criminals to run amok during a period of deep confusion and uncertainty for businesses. Whether companies choose to permanently move their operations, return employees to the office, or some combination of both, implementing tools such as endpoint management and efficient security solutions should be a priority.”
The new cybersecurity imperative
As connectivity continues to become a crucial element in more of society’s infrastructure, cyber-attacks are having more devastating consequences. According to Dave Palmer, Director of Technology at Darktrace: “Finding the right people with the right skills to defend organisations is important, but they cannot handle the challenge alone. We need to augment teams with AI that can make decisions in seconds about what is strange but benign, and strange but threatening. Not only must it detect the threat but it must understand the action that is necessary to stop the threat from spreading.”
Board responsibility for security reviews
Tim Hickman, partner and data protection lawyer at law firm White & Case, argues that board-level executives must take a more active interest in cybersecurity.
“Recent enforcement trends have shown that a failure at the very top of an organisation to engage with evolving cybersecurity threats can result in regulators launching investigations, with consequent financial and reputational damage to the business,” he says.
“In a world in which business systems are increasingly inter-connected, vulnerabilities are being exploited at an alarming pace. Compliance obligations imposed on businesses increasingly require those businesses to determine for themselves which cybersecurity measures are appropriate and sufficient in the context of their activities. As a result, cybersecurity measures that were sufficient and appropriate even a few months ago may no longer be sufficient or appropriate today.”
Cybersecurity in the eyes of consumers
Adapting to the sudden change triggered by the Covid-19 pandemic marked a major test of business continuity planning. In addition to a greater number of formerly face-to-face interactions now taking place online, Chris Huggett, SVP EMEA, Sungard AS outlines how this has revealed a new relationship between cyber resilience and brand reputation.
“While cybersecurity is a universal imperative of business resilience, there are certain industries in which the reputational damage of a cyber-attack can be particularly impactful,” says Huggett (pictured).
“Our research shows that organisations in the financial services industry are the most at risk of losing their customer base, with over two-thirds of respondents claiming they would switch providers immediately if they became aware of cybersecurity flaws. The results also show home broadband and online retail service providers to be in high-risk categories.”
Digital Business Ireland has published a Cyber Security manual aimed at highlighting the most common scams and frauds. The booklet is produced in partnership with Permanent tsb.