It is important for businesses to continually improve their cybersecurity. This need became acutely evident during last year’s lockdowns, but even with jabs on the horizon, it is wise to prepare for further disruption. Below we share 3 important points from Martin Holzworth of Fujitsu writing for Inside Small Business.
Human Firewalls
Cyberattackers have increased their use of social engineering, phishing, and spear-phishing attacks to take advantage of an environment where people are outside the corporate firewall protection and not compelled to comply with security policies. Companies have to strengthen the human firewall and reduce the human element of risk to remain resilient. Creating awareness, backed by specific policies and advice on what to do if employees notice something suspicious, is crucial. This requires increased communication, more focus on security policies, and cybersecurity training and awareness programs.
A common piece of advice is to avoid clicking links in emails. Yet, in the remote working environment, users click on links in emails all the time to join online meetings. This demonstrates that policies need to be updated to account for evolution in the work environment and the threat landscape.
Security vs Usability
If users are stymied by security measures, they will inevitably find a way to work around them, creating security gaps.
This places a heavy burden on security teams who have the uneasy task of deciding how and where to compromise policy. On the one hand, they need to keep the organisation safe. On the other, they need to empower users to work efficiently. It is essential to maintain a delicate balance and implement revised security standards.
Summary
With the rapidly accelerated digital transformation across industries, cyberattackers have plenty of opportunities to gain access to organisational data and applications. As organisations conduct business planning, they must build security into everything they do and continue to assess the actions they need to take to ensure a strong cybersecurity posture during business transformation.
(Source: Inside Small Business 2021)