Even before the current pandemic, as enterprises have adopted techniques and practices such as digital transformation, cloud and mobility, they have faced an increased risk from a range of established and emerging cybersecurity threats, such phishing attacks which seek to introduce malware capable of compromising sensitive business information, ransomware and other fraud campaigns. The risk of huge fines under the GDPR means that cyber security has become a board-level issue, as well as a focus for regulators.The Covid-19 pandemic has turned many businesses ‘inside out’ as they rush to enable agile workforces, meaning increased cyber risk as criminals and fraudster look to capitalise on the rush to remote working. These risks include:
- Rapid adoption of workplace collaboration tools, such as Microsoft Teams, Slack, Google Hangouts and Zoom, which are low effort targets for malicious attackers looking to gain access to enterprise tools.
- Growth of ‘Shadow IT’ i.e. increased use of personal devices, collaboration tools and cloud storage for business purposes.
- Increase in the number of users working in a less-than-secure home environment (security risks can include connected devices and poor network security) as businesses shut their doors and encourage agile and remote working.
- network monitoring and intrusion/breach detection,
- anti-virus monitoring and management,
- firewalls with email and web filtering,
- patch management and system upgrades,
- incident response - investigation and remediation,
- security assessments and audits,
- threat intelligence,
- compliance management, and
- training and consulting advice.
- robust, documented service levels and response times,
- better threat management and mitigation,
- improved reporting and management information,
- access to specialist resources,
- access to best-in-class technology and other leading practices.