This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our PRIVACY POLICY for more information on the cookies we use and how to delete or block them.
Home > Insights > Business Services and Outsourcing > IT > Top Cybersecurity Recommendations Amid COVID-19
Article:

Top Cybersecurity Recommendations Amid COVID-19

26 March 2020

Martin Hořický, Partner |

A massive rise of cyberthreats connected to the spread of coronavirus COVID-19 has been identified globally. Attacks are mainly aimed at healthcare and use spear-phishing and ransomware. Common is also exploitation targeting financial systems or manufacturing. A rising amount of DDos attacks has also been identified.

Due to the quarantine put in place as part of the measures to help suppress spread of COVID-19 there is a rise in demand for work from home for many workers across industries. This situation is now being exploited by group using cyberattacks who take advantage of the circumstances.

More than 40 % of cyber vulnerabilities are directly linked to employee behaviour and as such it is vital that organizations focus more on their employees via cybersecurity awareness, education, training, and use of simulations. A successful cyberattack on a company already dealing with effects of the current measures could be devastating.

Key Cybersecurity Recommendations

To reduce both the probability of a cyber-attack or significant data breach and mitigate the negative financial impacts, we offer the following cybersecurity recommendations:

1. Define a role responsible for cybersecurity

  • Ensure that top management is promoting the importance of cybersecurity measures among all employees and that employees are familiar with internal procedures, processes and realized testing attacks and participate in cybersecurity training.

2. Implement cyber diagnostic assessments, including:

  • Email Cyber-Attack Assessments
  • Network & Endpoint Cyber-Attack Assessments
  • Vulnerability Scanning Assessments
  • Penetration Testing
  • Spear-Phishing Campaign

3. Establish a Rapid Cyber-Attack Incident Response Plan

  • Develop and periodically test an information system incident response plan to quickly identify and contain cyber-attacks.

4. Conduct 24 x 7 x 365 Monitoring, Detection, & Response (MDR)

  • It is essential to continually monitor, detect, and respond to all cyber incidents including: email system, network, software applications, and all information system endpoints.
  • This monitoring requires appropriate configuration of cybersecurity solution (ranging from IDS to IA-based threat identification solutions)

5. Ensure information system resilience

  • Implement and periodically test an business continuity plan (BCP) and disaster recovery plan (DRP).

KEY CONTACTS

Martin Hořický, Partner
Martin Hořický
Partner
Tomáš Kubíček, Partner
Tomáš Kubíček
Partner
Prague - Chodov

Subscribe to BDO Newsletter

Subscribe
Related Insights
see all insights
code

30 December 2021

Article:
Several new 0-day vulnerabilities reveal m...
0-day vulnerabilities, or zero-day vulnerabilities, are those that have just been...
See all Article