I’ve reposted IT Governance’s blog entry in full (including garish advert). There’s some useful stuff here and, especially if you manage a team, I recommend watching the linked video…:
As we enter the third week of the UK’s lockdown (yes, it has only been that long), things are starting to take their toll.
Organisations are shrinking, with staff off sick or furloughed, their defences are feeling the strain of a dispersed workforce, and cyber criminals are pouncing on increasingly stressed employees.
Perhaps the only thing keeping us going is the knowledge that we’re all in this together. As a reminder of that, we’re back with more of our experiences and advice on how to manage through the pandemic.
We also have a selection of free tools to help you address some of the challenges you’ll face, and summarise the latest coronavirus-related security threats.
Everyone has had to make compromises during the coronavirus pandemic and for a few days it seemed that cyber criminals were no exception – with two notorious gangs vowing not to attack hospitals.
Unfortunately, according to research from Interpol, many of their peers haven’t been as compassionate. Interpol’s cyber crime threat response team said it has detected a “significant increase” in ransomware attacks since the COVID-19 outbreak.
For these crooks, the outbreak means that overburdened hospitals are more likely to go against best practice and pay up. We can only hope that as the virus continues to spread, criminals will realise that their attacks are putting people’s lives at risk.
Interpol has alerted all 194 of its member countries about the increasing threat of ransomware, and is working with the cyber security industry to learn more about the attacks and how national police forces can combat them.
The elderly are among those most at risk of coronavirus, so it’s no surprise that the NPC (National Pensioners Convention) has warned that there are a spate of scams targeting them.
General Secretary Jan Shortt explained that many of the NPC’s members have received bogus claims from people selling masks and protective equipment.
“They just take the money and nothing shows up. Over a million reports have been made now.
“There’s a lot of scams out there so people need to help their neighbours.”
These kinds of attacks have skyrocketed since the coronavirus pandemic began, and although the elderly might be an attractive target for cyber criminals, they’re not the only ones who need to be concerned.
Superintendent Sanjay Andersen, head of the National Fraud Intelligence Bureau, said: “We’re advising people not to panic and to think about the purchase they are making. When you’re online shopping it’s important to do your research and look at reviews of the site you are buying from.”
This advice is consistent with online shopping in general, but it’s worth emphasising given the panic that some people might feel when preparing for the pandemic.
Before the lockdown, the security of our home Internet routers would probably have been, at best, a minor cause for concern, because it’s one of the less practical or effective ways for criminals to attack us.
That’s no longer quite as true, as cyber criminals know that many of us are working at home and are accessing vast amounts of sensitive information.
If you want to take an extra step to secure your Internet connection, IT Governance Security Testing Manager James Pickard recommends that you establish a second wireless network – also known as an SSID (Service Set Identifier) – for home working.
“The creation of a new network allows the separation of corporate and personal devices, increasing the security posture,” he writes.
“As an example: if you or family member falls victim to a phishing attack or downloads malware, having a separate network will limit the criminals’ access or the spread of the infection across both personal and corporate devices.
“It also allows you to increase the security of your new corporate Wi-Fi without affecting the configuration of your existing home network.
“Bandwidth limits can often be set on these networks to ensure that connectively is reliable when other family members are steaming/gaming/downloading ensuring good connectively for your corporate devises.”
IT Governance employee tips on working from home
As you’ll have seen first-hand, one of the biggest challenges of working from home is how to remain productive.
With so many distractions, it’s all too easy to wander off and start doing other things. Indeed, it’s amazing how seemingly boring tasks suddenly become appealing when the alternative is cracking on with work.
By contrast, some people are so self-conscious about not letting their work drop while working from home that they’ll plough on through the day, starting early, barely taking a lunch break and finishing late.
The latter might sound like a far more reliable employee, but their attitude can be just as dangerous. You need regular breaks if you’re to stay healthy and avoid careless mistakes, and even if you consider yourself a dedicated worker in the office, you probably don’t realise how often you get respites.
Consider the number of casual conversations you have with colleagues when you’re in the office, or how regularly you leave the office at lunchtime, or the number of meetings you normally attend. These are all once-ordinary parts of our day – and without them, we risk getting overworked and careless.
So, don’t feel bad if you stop work for ten minutes to make a coffee and speak to people, whether that’s other people in your home or a quick call with a co-worker.
You can find more tips on how to remain productive during the lockdown by watching Making a Success of Managing and Working Remotely.
Hosted by Sarah Cook – who has 20 years’ consulting experience, specialising in leadership and management development – this webinar outlines the benefits and challenges of remote working.
- Tips and techniques for making remote working a success;
- Practical advice for managers; and
- Information on building personal and team resilience when working in isolation.
You can find more guidance on managing these requirements with our Remote Working Policy Template. It includes guidance on storing devices securely, creating and maintaining strong passwords, and an acceptable use policy for visiting websites that aren’t work-related.
Meanwhile, another way to ensure that your transition to remote working is successful is by implementing a BCP (business continuity plan).
This is a series of documents that explains how an organisation will respond in the event of disruption – including, where necessary, instructions on how employees can work from home safely.
We’ve created a free BCP template for those who want guidance on how to navigate the challenges the COVID-19 pandemic has brought.
It contains guidance on all the key aspects of that should be included in a BCP, giving you the framework you need to roll out an effective plan quickly.
Coronavirus: you’re biggest challenge yet
Organisations have a hard enough time as the moment without the threat of cyber crime and compliance issues. Unfortunately, the chaos that the coronavirus pandemic has caused means there are a variety of new security issues that you must address.
That’s why we’ve put together a series of packaged solutions tailored to these turbulent times. For example, we have tools and services to help you address business continuity management, remote working best practices and network vulnerabilities.
Meanwhile, we’re offering 25% off our April training courses – which are available in several remote learning options – and if you book one of our selected courses, you’ll receive the Coronavirus Business Continuity Bundle for free.
The post Secure Together: cyber attacks against hospitals and how to protect your home Wi-Fi appeared first on IT Governance UK Blog.