Intelligent CISO Issue 32 | Page 43

Communications that appear to come from the organisation they work for are far more likely to be believed if the employee is not in the office ( when they would be able to verify it ) or are distracted by events happening at home .
EXPERT OPINION

Communications that appear to come from the organisation they work for are far more likely to be believed if the employee is not in the office ( when they would be able to verify it ) or are distracted by events happening at home .

• Employee devices ( mobiles , laptops , etc .) need to be sufficiently protected ; anti-malware and endpoint protection software are key in identifying if an individual ’ s computer or mobile device has been compromised after clicking on a link from a malicious email . Quickly resolving incidents at the source can prevent the spread of malware or an attacker from reaching into other parts of the network .
• The IT network and the applications within it need to be monitored . Security Information and Event Management ( SIEM ) tools collate logs so that unexpected ( and therefore suspicious ) behaviour , such as an employee accessing data they would not normally look at , is identified and stopped before any damage is done .
• Data Loss Prevention Software or information classification tools protect unstructured data from being exported from applications or being created by the business . Knowing what information is confidential or sensitive allows the cybersecurity team to monitor unexpected transfer of data outside the organisation ’ s controls .
• IT security and business teams need to work together to ensure adequate controls are in place , for example , preventing unauthorised payments or transfers of money , unless they go through sufficient levels or approval , regardless of who appears to have made the request .
• Other checks include the teams responsible for disseminating company-wide updates about the pandemic being clear about the format and channels they will use to communicate . This is in order to minimise the risk of a criminal taking advantage of the confusion and publishing false information to encourage employees to perform an action that will damage the organisation .
The global pandemic has caused a rise both in phishing attacks and the number of organisations that are susceptible to them , but it is by no means a new phenomenon . It won ’ t disappear as more people start to return to work in offices ; equally , with one of the lasting effects of lockdown likely to be a significant rise in the number of employees choosing to work from home at least some of the time , it will remain an ongoing risk .
Understanding why phishing happens and how to prevent it , while being prepared with mitigation strategies should bad actors succeed in their attempts is therefore good business practice – regardless of COVID-19 . u www . intelligentciso . com
43