Building up cyber defence resilience in a post COVID-19 world
Since the start of the outbreak, as much as 70% of businesses in Hong Kong has adopted work from home arrangement. Even as the outbreak eases in the city, a study by Lingnan University revealed over 80% of local employees prefer continuation of home working arrangement and want at least one day of work from home per week.
However, HSBC shared in a study that only about 8.5% of standing of cyber security best practices.
Alarmingly, the Hong Kong Computer Emergency Incident Response Team Coordination Centre (HKCERT) recorded a 45% increase in cyber security attacks in Q1 2020, as compared to Q4 2019. Cyber-attacks in the name of coronavirus including personal data theft, malware and money fraud have also increased dramatically since February.
With thousands of newly remote workers unaware of basic security measures, a new layer of vulnerability to cybersecurity from the point of individual access was created.
At the same time, companies are struggling to properly secure externally-accessed systems, while cyber criminals become increasingly proficient at mimicking emails from health authorities.
In order to enforce a comprehensive business continuity plan, cyber defense resilience should not be overlooked. Extensive remote working will have a big impact on infrastructure that will require different security approaches. Here are some top tips for Hong Kong businesses looking to build up their cyber defense capabilities with the surge of work from home arrangements and in a post COVID-19 world:
Plan ahead with responsiveness: Draw up contingency plans and address to new and evolving threats. Engaging in cyber crisis simulations can also help, and while conducting them remotely could be challenging, it might also prove more realistic. At the same time, it pays to think of cyberattacks as a question of “when” as opposed to “if”. Be aware that your preventative measures can only realistically go so far and be ready to respond fast in case of a breach.
Extend current policies: Cybersecurity policies should now be able to manage remote-working access, use of personal devices and updated data privacy considerations for employee access to documents and other information. Without the right security in place, any devices used to access your corporate network will leave the whole system vulnerable to hacking. Monitor shadow IT and only stick to approved apps and solutions wherever possible.
Defend against phishing: Phishing emails are the most common type of cyberattacks in Hong Kong, with as much as 77% of local businesses affected. Invest in training to keep your employees defensively aware of these incidents or try simulating attacks that promise recipients information about COVID-19 or masquerade as IT helpdesks performing work from home checks.
Test and Patch: Make sure that your remote access systems are fully patched and securely configured, keep on reviewing protocols and procedures in real time to identify vulnerabilities and potential loopholes.
Provide clear guidance for employees: Management should set up clear and easy-to-follow policies that empower employees to make their home-working environment secure. This should include instructing employees to communicate with internal security teams about any suspicious activities.
-- Contact us at [email protected]
-
Equip young people for the future Dr. Winnie Tang
In late February, the inaugural flight of an air taxi from Shenzhen Shekou Cruise Homeport to Zhuhai Jiuzhou Port took only 20 minutes with an estimated one-way ticket price of 200 to 300 yuan per
-
Are we raising a generation of leaders, or of followers? Brian YS Wong
The essence of education is defined not by the facts it imparts, but the potential knowledge it inspires students to individually pursue on their own. Put it this way – the ideal form of education
-
The urgent need for reforms to sex education in Hong Kong Sharon Chau
Nearly one in every four university students (23%) in Hong Kong has been sexually harassed, according to a 2019 report published by the Equal Opportunities Commission (EOC). A 2019 study found that
-
STEAM should be linked to real life Dr. Winnie Tang
In the 2017 Policy Address, STEM (science, technology, engineering and mathematics) education was proposed as one of the eight major directions to promote I&T development. Since then, funding has
-
Let trees speak for themselves Dr. Winnie Tang
I often say that smart cities start with smart planning, but smart planning presupposes adequate, systematic and up-to-date data. This is important not only for city administration, but also for tree