COVID-19

How do I quickly and easily increase my cyber resilience?

Now that more and more people are working from home because of the corona measures, it seems that cybercriminals are doing their best to take advantage of this. News sources report that the number of fake emails has increased fivefold in recent days. To protect companies against these threats we want to introduce a simple solution: Grant Thornton CyberHunter [ 601 kb ], which enables you to quickly and easily get an insight into unsafe use by your employees and vulnerabilities in your internet traffic, network and information systems.

As a result of the corona crisis, companies are faced with new challenges. Are there enough laptops to hand out to your employees, is the capacity of our Citrix environment sufficient, how can we set up video conferencing, how do we set up a secure VPN connection? We’re seeing that companies find creative ways to continue their work. It is impressive that everyone is adapting their way of working quickly, but we are also seeing new risks in the world of cyber security.

New risks

For example, we see that cybercriminals take advantage of the current situation by sending false emails supposedly from the World Health Organization or sending fake corona maps which are spreading malware. We have also noticed that companies are not maintaining the same level of security for new remote working solutions and the new way of working. “Short cuts” are being made to keep access to company data. For example, employees are now allowed to process sensitive data on their home computers or connect home computers to the company network via a VPN connection. Malware can easily spread to the company network because a lot of home computers do not have the same security measures as the computers which are managed by the company. New external services and hardware are also bought quickly in order to be able to work remotely, such as printers, scanners, and phones. Only who checks whether these services comply with the security and GDPR requirements?

What can you do as a company?

We advise you to pay attention to the points below and to potentially take additional measures:

  • Provide sufficient (network) capacity to serve all employees working from home.
  • Make sure that working from home solutions are tested and up to date (e.g. Citrix and VPN solutions).
  • Use Multi-Factor Authentication (MFA) where possible to access your corporate network and enforce the use of strong passwords.
  • Monitor (new) communication channels, such as a VPN connection, on suspicious activities.
  • Ensure that your guidelines regarding information security (including the use of hardware and software and the possible use of private IT facilities) are up-to-date and known to the employees. Offer home workers protective measures, such as anti-virus software, anti-phishing software and VPN solutions.
  • Verify whether newly purchased services comply with all security and GDPR requirements
  • Ensure that employees are aware of potential phishing attempts concerning the coronavirus and that they are aware of how to report this. Keep in mind that the number of notifications regarding phishing emails and false emails will rise.

Basic security quickly organised with CyberHunter

Due to the changes caused by the coronavirus, insight into (new) cyber security risks and abnormal behaviour is crucial. With our CyberHunter service [ 601 kb ] you gain insight into unsafe behaviour by your employees and vulnerabilities in internet traffic, network and your information systems.

CyberHunter detects configuration errors, missing patches, cyberattacks, unwanted behaviour or outbreaks of malware (such as ransomware). For example, CyberHunter can detect suspicious traffic in VPN connections and protect home workers (including private computers) against outdated software, malware or (corona-related) phishing attempts.

In order to help companies maintain their cyber security level, despite the current challenges, we offer our CyberHunter Device Protection module, free of charge, for the duration of 1 month. CyberHunter can be implemented without any physical contact, in line with the advice and measures of RIVM and the government.

If you are interested in how we can protect your company in these challenging times, please contact our specialists.

Insights

How can I respond to the coronavirus COVID-19?