skip to content
Contact
Home
Search

Article

Building a human firewall:

How to be cyber-resilient during the COVID-19 pandemic

Updated: December 03, 2020
"Hackers are taking advantage of collective anxiety about COVID-19. Human behaviour can be the weakest—or the strongest—link protecting us from unwanted outcomes."
Vivek Gupta, a BDO partner in Cybersecurity

Determined to flatten the curve of this second surge of coronavirus, Canadians are again acting in social solidarity—working from home, leaving only for necessities, medical care, or to attend to more vulnerable members of our communities.

During the second wave of COVID-19 cases, there is a second vulnerability we need to build a human firewall to prevent from further spiking—cyber breaches.

The Canadian Centre for Cybersecurity has noted an increase in reports of malicious actors using the CoronaVirus (COVID-19) in phishing campaigns and malware scams through 2020.

A cyber incident during a crisis—while most employees work remotely and place more demands on infrastructure and IT—could have far-reaching impacts.

We need to secure our businesses and protect our personal information.

The COVID-19 pandemic is a time to go back to basics, to good digital hygiene—not opening emails without confirming the sender, for instance, even when it claims to offer critical information about how to respond to the crisis. Cybercriminals are exploiting increased interest in learning about novel coronovirus.

Before the first diagnosis of COVID-19, Canada already had among the highest costs associated with cyber breaches. The average cost of a breach for all Canadian businesses, US$4.4 million, is about $500,000 higher than the global average of US$3.92 million, according to a July 2019 Ponemon Institute report.

Your organization may be able to negate the impact of a breach if it is cyber-resilient.

Cyber-resilience strengthens your company's capacity to resist attacks and enables it to continue to function if, or when, an incident takes place—even during a global crisis.

5 tactics to be cyber-resilient during the COVID-19 pandemic—and after it ends

There are three factors that influence cyber-resilience—people, processes, and technology. Our tactics consider all three, and are relevant to all industries, operating business-as-usual or during this unprecedented global pandemic

Support all employees in following cybersecurity policies, processes, and procedures through comprehensive cybersecurity awareness, education, and (re)training programs (with a focus on the most prevalent forms of cyber-attack during the COVID-19 pandemic—spear-phishing campaigns, for instance)

  • Email cyber-attack assessments
  • Spear-phishing campaigns
  • Network and endpoint cyber-attack assessments
  • Vulnerability scanning assessments
  • Penetration testing

Develop and test an enterprise-wide information-system incident-response plan to identify, contain, eradicate, and quickly recover from cyber-attacks.

Implement and test an enterprise-wide business-continuity plan (BCP) and disaster-recovery plan (DRP).

Continually monitor, detect, and respond to all cyber incidents impacting email systems, networks, software applications, and all information-system endpoints using advanced security information event management (SIEM) software, data-visualization tools, automation, and artificial-intelligence (AI) capabilities.
person looking at computer

How BDO can help

To develop a threat-based cybersecurity strategy specific to your business, contact us.