The COVID-19 outbreak is changing how companies operate. While it is having a profound impact on supply chains and the nature of demand, the most direct impact is the fact that most people are confined to their homes. Many companies are now working fully remote, including some that had never had remote work policies in the past.
There are many considerations around the transition to remote work. The first ones that come to most employers’ minds are generally how to maintain productivity, communication, and morale while team members are working in isolation.
But working remotely also comes with significant cybersecurity risks. Company networks are inherently spread thin and ultimately rely on employees’ home network security to keep company data safe. Many companies’ cybersecurity practices just aren’t built around remote work, and they will have to adapt to keep themselves safe.
Luckily, just a few additional measures can greatly mitigate your cybersecurity risks during the COVID-19 outbreak. Let’s take a look at the risks and how to tackle them, including:
- Why the outbreak creates openings for cyberattacks
- How to mitigate your company’s risks
- Protecting employees and their devices
- Business insurance coverage for cyberattacks against remote networks
Why COVID-19 Creates Opportunities for Cyberattacks
The main reason why the COVID-19 outbreak is changing the nature of cybersecurity is that just about everyone who can is now working remotely. Instead of operating as a closed system, companies’ networks now include each employee’s home networks and devices. And a distributed network is inherently harder to protect: you can’t just throw a firewall around it. On top of that, most existing strategies and policies are focused on protecting the company networks and do not work for distributed or bridged networks.
Employees’ home networks are the most significant gap in your cyber protections. Unfortunately, VPNs and other standard protective measures only cover communications between home devices and company networks. They do not protect the home devices themselves or home networks. That means any company data stored on the devices is much more easily compromised by cyberattacks.
But on top of the technological challenges posed by the COVID-19 outbreak, the coronavirus is also creating opportunities for successful cyberattacks that rely upon the fear, isolation, and ignorance of people amid the outbreak. Phishing attacks related to the virus have increased more than six-fold in the past month and tens of thousands of people have clicked on malicious links that used the topic of the virus as bait. As a result, the total number of hits on malicious links nearly tripled from February to March.
What this means is that your employees are simply more likely to fall victim to malware, eCommerce fraud, or other cyberattacks thanks to the COVID-19 outbreak. And when they do, they may inadvertently compromise their devices and your company data.
Minimize Your Risk
Cybersecurity risk management is a multi-tiered process that starts with avoiding and defending against attacks. If that fails, then you need to mitigate the damage from successful attacks and transfer the risk away from the company. While it is always better to stop an attack from being successful in the first place, you should still have plans and processes in place to handle the situation in case it occurs.
So, how do you stop cyberattacks from compromising your remote work operations? The first step is to implement strong endpoint protection on all employee devices that will be used for work. Endpoint protection software is a bit like an evolved form of antivirus software: it takes a more comprehensive and proactive approach to threat prevention, detection, and defense.
Next, you need to educate employees and set standards for their home networks. Employees should use networks secured by a strong and unique password. Then, you should make sure that only authorized IP addresses can access your data and networks. IP blacklists, multi-factor authentication, and identity management solutions can go a long way towards protecting your data during the outbreak. Finally, make sure that all of your standard protection measures are also in place and up-to-date. This includes VPNs and firewalls that protect your company networks from any attacks.
But if these measures fail, it’s time to mitigate the damage. That means implementing effective intrusion detection to discover a breach and start addressing it as quickly as possible. Ideally, these systems will tell you not just that there has been a breach but what systems were accessed. That can help you diagnose the damage and formulate your response. Another option is a managed detection and response system that combines software with hands-on attention from security experts for added protection.
It is just as important to minimize disruption to your systems and workflow. Many attacks try to damage or destroy data, not just steal it. So, regularly back up all data in multiple locations to ensure that you don’t lose anything.
Finally, transfer the risks through business insurance coverage. As we’ll explore in detail later in this post, your business insurance will likely cover the damage from a successful cyberattack even if the attack was against an employee’s device or happened while the employee was working remotely.
Protect Your Employees
As we discussed earlier, remote work is not the only driver of cybercrime during the COVID-19 outbreak. Most attacks have to do with the virus itself, using outbreak-related lures to get people to click malicious links or even taking advantage of CARES Act stimulus payments to steal information and money from susceptible businesses.
While many of these attacks will target the individuals themselves – trying to gain access to their bank accounts or vital identity information – employers should still do everything they can to protect employees from falling victim to such attacks. Not only is it the right thing to do to take care of your team members, but the attacks can also compromise employees’ work devices and present cybersecurity risks. Just because an attacker planned to go after an employee’s bank account doesn’t mean that they won’t pick up some valuable company data along the way, especially if it is low-hanging fruit.
So what can you do to protect your employees? In addition to providing powerful antivirus software, you need to educate and reassure. COVID-19 cyber-attacks feed on fear, isolation, and misinformation. Providing support and correct information about both the COVID-19 outbreak and common scams is the best countermeasure once your technology solutions are all sound and in place.
Work with your IT team, business insurance broker, HR consultants, and any other stakeholders to put together resources to inform employees about how to identify possible scams or malware attacks, and what to do if they think they may have clicked a malicious link or compromised their device. And work with your HR advisor to create outbreak-related resources that will fill the COVID-19 information gap so that employees are less likely to click the links in the first place. Finally, do everything that you can to minimize fear and isolation by keeping employees connected, engaged, and healthy in mind and body during the quarantine. Not only will this help minimize cybersecurity risks, but it will help your remote team work more effectively as well.
Know Your Business Insurance Coverage
If things do go wrong, will your business insurance protect you from the damages?
By and large, the answer is yes. There are several “triggers” that will cause your business insurance to kick in and which apply in the case of a cybersecurity breach from a remote employee.
A privacy insuring agreement may cover any damages if the attack results in the following privacy triggers. First, illegal access to company information is likely covered because your company will have been the victim of a crime. Second, if company information is compromised due to a cyberattack on an employee’s device, that may count as violating an NDA, a common privacy trigger in business insurance policies.
But a security insuring agreement will often also apply. When someone is working from home, their computer and network will generally count as the company’s computer and network and thus be covered if attacked. This is especially true if they use a company device while working from home.
Keep in mind, though, that some insurers require a formal “Bring Your Own Device” policy with employees for them to cover the damages. This policy needs to outline safety measures and proper conduct that employees have to follow when using their device. So it is a good idea to have your employees sign such an agreement now that they are working remotely.
When in doubt, ask your insurer and business insurance broker about your cyber insurance to find out the details of your coverage. But if you have the correct policies in place, there is a good chance that you will be covered if your security measures fail.
There are many considerations when it comes to protecting company data, networks, and devices during the COVID-19 outbreak. Hopefully this article has given you a solid roadmap to start formulating your defense strategy and helped you figure out the right questions to ask your IT and business insurance providers. Just remember:
- Remote work means a distributed network, with added security risks and possible entry points for attacks
- The outbreak has many people scared and looking for help, creating opportunities for attacks
- Educating employees about proper security measures, real information about the outbreak, and how to avoid falling victim to cybercrime goes a long way to protecting their data and the company’s data
- IT considerations to protect against cyberattacks during the outbreak include endpoint protection, intrusion detection, regular backups, home network security, and up-to-date antivirus, firewalls, and VPNs
- Working with your business insurance broker to ensure you have the correct cyber liability policies in place is crucial during this time