By Peter Gerdenitsch, RBI |
After one year of COVID-19, many of us have become accustomed to the home office. However, the increased demand for “remote working” has significantly changed the framework conditions for cyber security. Prominent companies became victims of cyber attacks and experienced unwanted “publicity” in the media. Banks in particular are attractive and rewarding targets from the perspective of cyber criminals. The reason for this is the sheer volume of sensitive (customer) data.
Cyber attacks may damage the reputation
We all know that the potential financial damage to the suffering company is a threat. But we must not forget that in most cases a suffered “cyber attack” may also damage the reputation. And this in addition to the damage on the operational business. But there is also the regulatory level: a violation of guidelines of the General Data Protection Regulation (GDPR) might occur.
How to handle company-sensitive information in the home office
Handling company-sensitive information in the home office requires a more sensitive approach in the processing of data than in the office premises. Think, for example, of telephone calls with or about your customers at home or the secure storage and locking your company laptop.
In addition to the human factor, modern technologies support the protection of company data and reduce the risk of data loss. Furthermore, the stability of our IT infrastructure proves to be an important cornerstone for productive and secure work from home.
Fraud and phishing attempts on the rise
As if the Corona crisis wasn’t challenging enough on its own, fraudsters use it actively for fraud and phishing attempts. They take advantage of the fear and uncertainty surrounding the crisis. They also make use of the hope that vaccination will soon be available. In the UK, for example, we have already seen initial reports of scams involving vaccination notifications. People get the information that they are eligible for vaccination and should disclose their bank details.
In addition, the Corona crisis continues to be used as an opportunity to send phishing emails. Here, people are redirected to fake websites to steal their user data. I therefore recommend to always apply a healthy amount of skepticism to all emails. You should never click on links or attachments if the origin of the email is unclear. Please consult your in-house security experts.
Peter Gerdenitsch is Group Chief Information Security Officer at RBI.