Cybercrime has surged during the COVID-19 pandemic. Organisations across the world are increasingly being targeted by cybercriminals looking to exploit the disruption and disinformation that has been abundant during this period. The organisation, its clients and its people are all at risk of financial loss and reputational damage.
In Australia, the Australian Cyber Security Centre receives one report of cybercrime every 10 minutes and estimates that financial losses to cybercrime exceed $300 million each year [1]. Unfortunately, small and medium sized businesses are most exposed.
Many organisations have responded to this threat, but many are struggling with knowing where to target their limited resources and budget to make a realistic improvement in their resilience to a rapidly evolving threat.
Cybercrime attacks are profitable. Cybercriminals think an anxious population, vulnerable people at the highest risk, and the proliferation of disinformation on social media represents a good opportunity to defraud.
Phishing and ransomware attacks have increased, and this has been compounded by organisations setting up new ways of remote working at a pace which does not always allow effective cyber security arrangements to be put in place. The World Economic Forum said, "New working patterns leading to cyberattacks and data fraud are the most likely technological fallout risk for the world (from COVID-19)".
Many organisations have sought to rely on outsourcing their technology or operational needs, however, some organisations don’t have an adequate level of visibility over their third-party suppliers of technology-related services. Very few have enough knowledge to assess whether they are properly protected or not.
Some basic steps to protect yourself against cyber threats include using strong passwords, updating software, avoiding suspicious links and using a VPN (Virtual Private Network). For many, the landscape of cyber protection strategies gets complex quickly.