A man wearing a face mask as a preventive measure against the spread of the COVID-19 coronavirus walks next to commercial buildings in the Raffles Place financial business district in Singapore on April 14, 2020. (Photo by ROSLAN RAHMAN / AFP) (Photo by ROSLAN RAHMAN/AFP via Getty Images)A man wearing a face mask as a preventive measure against the spread of the COVID-19 coronavirus walks next to commercial buildings in the Raffles Place financial business district in Singapore on April 14, 2020. (Photo by ROSLAN RAHMAN / AFP) (Photo by ROSLAN RAHMAN/AFP via Getty Images)
Raffles Place financial business district in Singapore, April 14, 2020. (PHOTO: ROSLAN RAHMAN/AFP via Getty Images)
<p class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="By Gerry Chng” data-reactid=”23″>By Gerry Chng

SINGAPORE — Following the introduction of Singapore’s circuit breaker measures to curb the spread of COVID-19, the majority of the nation’s workforce is now working from home.

As more countries shift to remote working amid the pandemic, resulting in a surge in online activity, cyber criminals have been quick to seize the opportunity. In the US, the number of cyberattack reports has quadrupled compared to months before the pandemic, Tonya Ugoretz, Federal Bureau of Investigation Deputy Assistant Director shared in an online panel. 

Cyber threat actors across the spectrum — from government-backed groups to organised crime gangs — are using the public’s fear, uncertainty and curiosity about the pandemic to adapt their threat vectors, tactics and targeting strategies. These could include phishing, malicious sites, and business email compromises.

In addition to fighting against aggressive external attacks, organisations also need to deal with internal security weaknesses.  

Unlike a corporate environment, companies have limited control in securing the home environments of their employees who are working remotely. Security is highly dependent on an employee’s individual level of awareness, integrity and compliance with following security best practices. For example, employees may not be aware of the cyber risks in sharing their laptops with other household members, who may access unsecured sites or download risky freeware, and potentially result in a confidentiality breach or compromised systems.

The other challenge is that supporting the entire workforce on a telecommuting basis puts a strain on enterprise technology infrastructure and manpower. IT teams, especially those in organisations that are not accustomed to remote working, are under immense pressure and may decide to bypass information security best practices in a bid to meet the surge in user and service demands.

IT teams also face the challenging task of ensuring connectivity and stability between files, shared drives and systems, and may decide to defer patches on critical assets or adjust security levels to prevent overloading their systems.

<h2 class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="Mitigate risks” data-reactid=”31″>Mitigate risks

To manage these cyber risks, organisations must employ a multi-faceted risk mitigation strategy. 

Companies need to centrally manage and roll out robust teleworking solutions to empower and enable employees, customers, and third parties. This will help reduce the likelihood of employees setting up their own “shadow IT” using unmanaged software solutions. 

They should also leverage role-based rather than location-based identity and access management solutions, analytics, and controls. This new approach is better suited to supporting the mobile workforce where locations do not matter as much.  

Organisations should establish second-factor or other relevant authentication controls for processes that were previously executed in person. While it is necessary to adapt business processes to keep business as usual activities operating, network baselines will need to be recalibrated to match the resultant surge in remote traffic. IT teams will need to use these new baselines to measure anomalous and possibly malicious network traffic.

Companies should provide links to official resources for pandemic-related information as well as establish formal and transparent communication channels, to avoid the spread of misinformation within the organisation. By providing employees with a reliable source of information, they are less likely to fall prey to phishing attacks that commonly use misinformation as bait. 

Lastly, they should update and test their incident response and disaster recovery plans to ensure they are applicable to the current state of the workforce. If the organisation engages an external incident response provider, review the provider’s response time and its ability to support the organisation’s current needs. 

Remote working need not be a high-stakes event. By proactively adopting strategies to strengthen cyber resilience and protect employees, customers and stakeholders, organisations can seize this opportunity to pivot toward new ways of working and make them more safe and secure for the long term. With the COVID-19 pandemic expected to reshape business and workforce models even in its aftermath, this may well be a worthy investment of time and resources now.

<p class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="Gerry Chng is EY Asean Risk Leader. ” data-reactid=”39″>Gerry Chng is EY Asean Risk Leader.

<p class="canvas-atom canvas-text Mb(1.0em) Mb(0)–sm Mt(0.8em)–sm" type="text" content="The views reflected in this article are the views of the author and do not necessarily reflect the views of the global EY organisation or its member firms.” data-reactid=”40″>The views reflected in this article are the views of the author and do not necessarily reflect the views of the global EY organisation or its member firms.