Business Leader interviews Catherine Aleppo, Head of Cyber at Aston Lark about what your business needs to protect itself against a cyber attack.
With more people working remotely, what are the main threats you’re seeing with regards to cyber security for businesses and employees?
Most organisations are not prepared for mass migration to remote working. Quite understandably, the main priority has been to continue trading, even if it has meant risking the use of unencrypted laptops with poor security.
When employees access a company network remotely using just a username and password, it’s much easier for a hacker to gain access. Remote Desktop Protocol (RDP) compromise often stems from a phishing attack, tricking victims into sharing their credentials. This enables the attacker to log in to the network posing as a legitimate user. If user permissions are unrestricted, the hacker can roam undetected, creating chaos. Typically this is done by stealing data, installing ransomware or simply sending out emails purporting to be from an employee instructing funds to be transferred.
Working in a home environment comes with distractions such as family, pets, and deliveries, all of which make remote workers more susceptible to falling for social engineering scams. They’re also more likely to browse the internet, increasing the chances of visiting an infected or malicious site.
Few Business Continuity Plans have been tested in a remote environment, making the financial impact of any period of network downtime potentially longer and more severe. Where the necessary level of cyber security is not implemented, threat actors will find, exploit and capitalise on any vulnerability.
Can you share some best practice around working remotely and cyber security?
Implementing cyber awareness training is fundamental in helping employees. Not only do they become more cautious about security but they will learn what to do if they’re subjected to an attack.
To maintain security when logging in remotely, employees should use a Virtual Private Network (VPN) with multi-factor authentication enabled. Using a firewall can help monitor untrusted network traffic. Devices should have up-to-date operating systems and use supported software. Having a time delay between successive log-in attempts restricts the number of password guesses that can be made by a hacker trying to gain unauthorised access. Restricting privileges ensures users only have access to what is required for them to do their job. Businesses relying on a back-up strategy must be testing them and have connected and disconnected back-ups.
Even with every security measure in place, there are no absolutes in risk management. A ‘belt and braces’ approach is required that reduces the risk with security protocols and mitigates the risk with insurance.
What are the key cyber threats you are seeing?
Technology requires humans to operate it, and humans make mistakes.
Ransomware continues to be a significant threat. With data exfiltration now commonplace in ransomware attacks, even having regained full access to their data, a business still faces the costs associated with a potential privacy breach.
Business email compromise is another sizable threat often leading to funds transfer fraud and data theft.
The mishandling of cyber events can cost an organisation dearly, damaging not only the bottom line, but their reputation. This is why it’s so important to have the incident response support along with the protection that comes with a cyber insurance policy.