(Un)usual business: communicating during a pandemic and beyond

Cybersecurity Strategy Director of Proofpoint and member of Les Assises’s steering committee Loïc Guezo believes that “it is not all bad” and even sees in this unprecedented situation new opportunities for cybersecurity teams.

Loïc Guezo Les Assises Cyber Covid19

The disruptions caused by the Covid-19 pandemic look like nothing our current time ever experienced, both on the personal and professional levels.

 In just a few weeks, millions of us were forced to change the way we live and work. One third of the global population is in quarantine. Installing or connecting computer workstations in such a large number – and in many cases overnight – is an unprecedented mission.

There already are some pros to notice from massive remote working, especially:

  • the whole world’s remarkable understanding and empathy
  • this unexpected mutation sped up digital transformation projects in many companies
  • the employers’ and employees’ quick response and noteworthy adaptability.

Digital agility and connectivity have both been lifesavers for organizations forced to switch to remote working; but they also represent an opportunity for cybercriminals who want to harm them despite everything. A global pandemic causes fear, confusion and disturbance; so many human aspects that attackers will make good use of… At a time when cybercriminals target people more than ever (and less infrastructures), cybersecurity teams must adapt their surveillance according to this evolution.

Here too we can say it is not all bad. A more rigorous surveillance leads to a better discernibility of the risks, which is a new opportunity for cybersecurity teams. Understanding where and how attackers are more likely to hit means we can better prepare users to defend themselves.

The way we communicate about this is crucial for the next months: the best way to be protected is for employees to understand the new threats they are facing.

Understanding the new threat overview

Constant remote working is different from occasionally working from home, because it often implies that security at home is different than the one in place at the office. It adds more obstacles and requires more cautiousness to verify the authenticity of employees’ and partner’s requests. These conditions gave strength to a well-known enemy: phishing.

Since the beginning of the pandemic, Proofpoint has dealt with more than 250 phishing campaigns on Covid-19, representing more than 500,000 emails, 300,000 URLs and 200,000 malwares. The bribes can take many forms. The most common are cures for Covid-19, some claim that the recipient’s friends or coworkers tested positive, others pretend to collect data for the government. Another popular lure consists in using the identify of a respected organization; some campaigns pretended they were from the World Health Organization (WHO) and European or national entities linked to health services (such as “Santé Publique” in France), others targeted SMBs bluffing they were offering financial aid.

Not only do cybersecurity teams need to protect infrastructures, they now need to make sure users are careful and well-informed about the risks they are facing, which represent a long-term worry…

Communicating during a crisis

Even though it is very important, network security is only one principle of a strong cyber protection.  We need to make sure we have the technical tools required to protect the new remote workers and that they understand the menaces they are confronted with. 

Within the framework of the unprecedented situation we are currently in, a clear communication is fundamental:

  • Make security education and awareness an integral part of the transition toward remote working.
  • Create a channel or a portal for cyber security risks linked to Covid-19 so the message does not get lost.
  • Give out informative materials and organize educational workshops to remind employees of their responsibilities in security and to inform them about the specific threats they are facing during the pandemic.

This instructive workshop must go way beyond the usual risk awareness. All users must understand the purposes and the mechanisms of a cyberattack, how to be protected and how their actions can change the results of those attacks.

Training must be repeated and understandable, especially when the risks are high for a long period of time. The more users understand their role in cybersecurity, the more they can be serious about it.

In return, cybersecurity teams need to let the employees know about the threats they stopped with a clear explanation of the attacks that were aiming at them.