Growth
EY cyber response to COVID-19How to strengthen operational resilience and security of financial institutions during and after the COVID-19 crisis
Prioritising health during the Covid-19 pandemic has ushered in a new way of working for businesses across the globe, with millions of people now working from home and relying on virtual solutions. One of the ripple effects from this change in behaviour is the evolving cybersecurity challenge, as enterprises face additional information security risks to the confidentiality, integrity, and availability of key information systems. Communicating these risks to staff is absolutely critical as a first line of defence.
With families in lock-down together, work devices are more likely to be left unlocked around the house or borrowed by children and partners. People are also hungry for information, and more prone to falling prey to malware and ransomware attacks masquerading as legitimate news and information. Malware introduced through personal accounts can make its way onto the work device and from there into the work network. Additionally, many organisations have been unprepared for remote working at scale in this new environment, meaning that seemingly small things – such as updating policy and procedures for the new normal – can be overlooked.
Download our document below for our latest guidance on strengthening operational resilience and the security of financial institutions before and after the COVID-19 crisis. Communication is key, with the five key cybersecurity messages to communicate to employees being:
1. Consistently follow your company policies
Policy, guidelines and rules for accessing the company network outside the office should be adhered to. Make sure to report any suspicious behaviour to support and follow basic standards. For example: keep up-to-date operating systems, antivirus and malware, regular scanning, etc.
2. Don’t allow family members to use your work devices
Treat your laptop, mobile device and sensitive data as if you were in your office location.
3. Use your company-approved storage solution
Make sure to store all your work data in a secure location that is approved by and accessible to your company.
4. Only use company-approved devices and consult your IT department if you will be using a personal device to connect to corporate networks
If connecting through your home Wi-Fi, ensure that it has a strong password and avoid using public or unsecured networks. If a personal device must be used, on an exception basis, be even more careful updating operating systems, antivirus, update FritzBox Router, etc.
5. Be mindful of your online hygiene
Be careful of clicking on suspicious links, especially if related to coronavirus, as attackers are using that fear to encourage people to click without thinking.
Explore our latest insights and thinking to support you in leading through these volatile times, and reach out if you have any questions.
Growth
EY cyber response to COVID-19How to strengthen operational resilience and security of financial institutions during and after the COVID-19 crisis