The Regional Chief Information Officer, Africa & Middle East, Standard Chartered, Islamic Banking, Mohamed Razek, has advised banks and organizations on the need to review existing security infrastructure of their operations due to rising cases of cyber attack.
He said this has become necessary in particular as more organizations allow their employees to work from home to practice social distancing to curb COVID-19 pandemic
This was contained in a report on ‘Ensuring business continuity during COVID-19.’ The PUNCH reports
He said, “If cyber security was not at the top of a chief information officers list before, it should be now.
“Cybercriminals are well aware of the increase in employees currently working from home and are shifting their tactics to attack home networks, in an effort to infect devices that are connected to the organisation’s VPN.
“The UK’s National Cyber Security Centre has warned that cybercriminals are exploiting the disruption caused by COVID-19 through a range of phishing and malware attacks which are likely to proliferate.
“Check Point, a cybersecurity firm has found that since January 2020, there have been over 4,000 coronavirus-related domains registered globally with three per cent found to be malicious and an additional five per cent suspicious.”
To counteract the threat of cyberattacks, he stated that employees must be kept informed and updated on policies and procedures around proper data usage and protection along with guidance on how to identify phishing and malware attempt.
He said it was important to identify security needs, review the existing security infrastructure and assess what people would need to work safely, take into consideration the devices employees would use (company-issued or personal devices), and the networks they would be on (public or private).
For example, he said, in order to avoid security breaches, many organisations did not use external memory drives such as the USBs to share files.
Instead, he observed, businesses had turned to more secure cloud services to ensure encrypted files made it difficult for hackers and third parties to access.
He said it was expected that there would unprecedented strains on technology infrastructure during this time.
To circumvent this and ensure business continuity, he said, CIO’s and their teams needed to be testing infrastructure and resilience of the networks (such as stress testing to monitor and manage core systems), software and hardware regularly to ensure there was no down time for the business.