COVID-19 has changed our world, forcing a work-from-home revolution for companies and workers across the globe.
According to a recent survey from Statistics Canada, approximately 4.7 million Canadians who do not usually work from home did so during the week of March 22 to 28. When those who usually work from home are included in the count, 4 in 10 Canadian workers (39.1% or 6.8 million) worked from home during that week.
With an increasing number of companies moving their businesses online in response to the pandemic, the demand for cyber security continues to rise. As many employees are left with no other choice but to adapt to the work-from-home environment, many are unaware of the multiple complications and risks that working remotely entails.
In order to help you gain a better understanding of how working remotely increases cyber security risk, we reached out to an expert from the cyber security industry, Stew Wolfe. To learn about his views on the current work-from-home landscape, read on.
Views From a Cyber Security Expert, Stew Wolfe
Many companies that handle sensitive information in their offices are now telling employees to work from home, and that can make them more vulnerable to hackers. The impulse to send employees home to work is understandable; however, companies and agencies lacking business continuity plans with a strong IT asset management component are going to be sitting ducks for breaches. An expanded cyber attack surface combined with an influx of workers who are new to working remotely increases the opportunities and odds of success for cyberattacks.
According to Proofpoint, an enterprise security company, global email threat campaigns that are COVID-19 specific have generated many malicious cyber attacks via email to corporate users, which includes greater than 500,000 malicious messages, more than 300,000 malicious URLs that you would not want to click on, and over 200,000 malicious attachments that can infect your corporate assets when at home.
The reality is that the longer someone is out of the office, the more likely it is that they will do company business on their personal smartphone, computer, tablet or other “Bring Your Own Device” asset and be susceptible to email and text scams, malware infection, and credential theft.
Okta Inc. co-founder, Frederic Kerrest, discusses the outperformance of the cyber security industry and increasing cyber security threats.
(Video Source: Yahoo Finance)
Cyber Security Tips in the Time of COVID-19
Organizations suddenly have an exponential increase in the number of endpoints, and cyber adversaries are looking to capitalize on the chaos. Users need to be wary of any emails attempting to get them to open attachments or click links. Watch out for any communications claiming to be from sources that you normally would not receive emails from. Use caution when opening emails from organizations you regularly communicate with.
The best way to protect yourself is to have an effective email security solution, secure Endpoint, Detection and Response (EDR) technology, and a secure connection from your remote user to your corporate applications. Additionally, security departments need to monitor employees’ remote-work practices. Be alert against phishing tactics in phony emails; remind users to be suspicious of emails from unknown sources and to not open file attachments or click on links.
Also, encrypt sensitive information, such as personnel, medical or financial records that are stored on, sent to, or sent from remote devices. Provide cybersecurity awareness training and keep IT resources well-staffed. Remote employees should have ready access to contact information for critical IT personnel to whom security incidents can be reported and who can assist with technical issues and remediation.
Investing in Cyber Security with CYBR ETF
If you’re looking to invest in the cyber security industry, consider the Evolve Cyber Security Index Fund (TSX Ticker: CYBR), Canada’s first cyber security ETF. CYBR ETF was one of only five ETFs listed on the TSX (out of over 500 ETFs) to have a positiveperformance in the month of March. Evolve ETFs CEO, Raj Lala, recently stated that he believes cyber security is a “recession-proof” industry, as government leaders and CEOs are unlikely to decrease spending in this sector despite economic slowdowns. The fund’s portfolio of leading global cyber security companies – including Okta Inc., Fortinet Inc., Palo Alto Networks Inc., Crowdstrike Holdings Inc., and FireEye Inc. to name a few* – makes this ETF an easy, diversified choice in accessing the growing cyber security industry.
*Evolve Cyber Security Index Fund portfolio as at April 30, 2020.
About Stew Wolfe
Mr. Wolfe is a certified Information Security professional with 26 years of experience in the Information Technology field, of which 20 of those years have been focused specifically within the Information Security field.
In his current role, Mr. Wolfe leads the NTT Ltd. Canadian Cybersecurity team and works with many customers in the finance, insurance, oil, gas and utilities industries as well as focuses on medical IoT in Healthcare. He has spoken at numerous conferences on various security topics such as the Internet of Everything, Operational Technology (OT) and the security threat landscape. Mr. Wolfe has been published in various magazines as well as newspapers.
For further reading, the 2019 NTT Ltd. Global Threat Intelligent Report can be found here: https://www.nttsecurity.com/en-us/landing-pages/2019-gtir