Google and KPMG experts on COVID-19 cyber scams

Are you running continual awareness campaigns?..:

[…] With such prolific fraud attempts out there, realization of what forms these COVID-19 scams take – and how they should be best handled – should be of urgent importance for both the organizations and the people who work for them.

Specialists believe prioritizing cybersecurity awareness campaigns at the public policy- and enterprise-levels could help, as Azlan Mohamed Ghazali, Engagement Director in the Emerging Tech Risk & Cyber (ETRC) Department at KPMG in Malaysia, pointed out recently.

“It is essential for organizations to continuously promote the importance of cybersecurity threats to internal staff as well as to the public through Info Security Awareness. The government should also consider establishing an extensive Cyber Security Awareness Program that could be easily replicated across to all government agencies.

“Additionally, each agency should have internal staffs that are capable of handling and managing cybersecurity threats without fully relying on an external third-party agency. Companies should at least make it compulsory for employees to partake in a yearly Information/Cyber Security Awareness Training.”

Google’s Risher also told Tech Wire Asia some of his tips to avoid cyber scams:

# 1 | Use enterprise email account for work-related messaging

Even when working from home, it is critical to keep work and personal email separate. Enterprise emails have additional security features to keep confidential data private, such as two-factor authentication which can be enabled by the company’s IT professional.

# 2 | Secure video calls on chat apps

Most videoconferencing apps can now add additional verification layers to ensure only invited attendees can access the call. Organizers can vet individual attendees, and invites to install new communication apps should be double-checked to ensure they are authentic invites.

# 3 | Installing security updates

Security updates provide fixes for known threats, so users should be sure to update their home devices like how their work hardware gets automatic updates.

# 4 | Using a password manager to create strong passwords

Remote working might require a host of new application and service accounts to be created, and users might be tempted to use the same passwords for all these accounts.

Unique, hard-to-guess passwords are the best option, and a password manager tool like the one built into Google Chromewould be the most dependable solution for end-users.

Original article here