Top Cybersecurity Recommendations Amid COVID-19

26 March 2020

Martin Hořický, Partner

A massive rise in cyberthreats connected to the spread of coronavirus COVID-19 has been identified globally. Attacks are mainly aimed at healthcare and use spear-phishing and ransomware. Exploitation targeting financial systems or manufacturing is also common. A rising number of DDoS attacks has also been identified.

Due to the quarantine put in place as part of the measures to help suppress the spread of COVID-19, there is a rise in demand for work from home for many workers across industries. This situation is now being exploited by groups using cyberattacks to take advantage of the circumstances.

More than 40 % of cyber vulnerabilities are directly linked to employee behaviour, and as such it is vital that organizations focus more on their employees via cybersecurity awareness, education, training, and use of simulations. A successful cyberattack on a company already dealing with the effects of the current measures could be devastating.

Key Cybersecurity Recommendations

To both reduce the probability of a cyber-attack or significant data breach and mitigate the negative financial impacts, we offer the following cybersecurity recommendations:

1. Define a role responsible for cybersecurity

  • Ensure that top management promotes the importance of cybersecurity measures among all employees, and that employees are familiar with internal procedures, processes and the test attacks that have been carried out, and participate in cybersecurity training.

2. Implement cyber diagnostic assessments, including:

  • Email Cyber-Attack Assessments
  • Network & Endpoint Cyber-Attack Assessments
  • Vulnerability Scanning Assessments
  • Penetration Testing
  • Spear-Phishing Campaign

3. Establish a Rapid Cyber-Attack Incident Response Plan

  • Develop and periodically test an information system incident response plan to quickly identify and contain cyber-attacks.

4. Conduct 24 x 7 x 365 Monitoring, Detection, & Response (MDR)

  • It is essential to continually monitor, detect, and respond to all cyber incidents, including those affecting the email system, network, software applications, and all information system endpoints.
  • This monitoring requires appropriate configuration of cybersecurity solutions (ranging from IDS to AI-based threat identification solutions).

5. Ensure information system resilience

  • Implement and periodically test a business continuity plan (BCP) and disaster recovery plan (DRP).