What else can be said about cyber security in 2020 that has not already been posted, tweeted, debated, and possibly forgotten – probably not much. In its 17th year, this October brings National Cyber Security Awareness Month (NCSAM) which highlights awareness about the importance of Cybersecurity across our nation. While not always on the top of mind, it can be extremely complicated and difficult to operate an entire company from the walls of your home – especially with the increased risk of cyber threats that face us all.
COVID-19 has provided unique challenges that we have met head on. The behind the scenes work that so many organizations completed during the pandemic to make remote working a reality is nothing short of miraculous, and something we all should be thankful for.
Some organizations were prepared to scale their remote work operations and simply “flip the switch.” Others had to cram and put in long hours making critical technology infrastructure decisions as if they were studying for a final exam. All of this was done in an effort to pivot and adapt to the obstacles created by the COVID-19 pandemic. No matter where your company landed within the framework and spectrum of preparation, acknowledgement of the execution to do so is something we all have a greater appreciation for, although most of us may never fully understand how difficult it was to pull off.
For those that were not positioned to take their workforce remote immediately, lay offs and furloughs were one of the many side effects. In April of 2020, we hit record high unemployment of 14.70%. We have cut that percentage rate almost in half since the peak, down to 7.9% in September of 2020. That is still more than double the unemployment rate of only one year ago. In short, we still have a long way to go.
This leads us thanking our IT professionals for all that they have done to help keep so many companies and their employees working through what are some of the most challenging times many of us have ever encountered. Many Sentinel Risk Advisors clients have continued to support employees working remotely, and it has been communicated over and over how valuable their IT resources have been the past six months. If the ability to work remotely is something you have already started to take for granted, know that many pieces of the puzzle had to come together to make it possible. Now is the time to provide a proper THANK YOU to your hardworking IT professionals.
All of this was relatively seamless – or at least they made it feel that way. As bad as the unemployment numbers have been in our country, things could have been much worse for many of us had it not been for the expertise, guidance, troubleshooting, and execution of IT professionals nationwide.
Efforts must still be made every day to prevent cyber security attacks that can cripple companies of any size. Any IT professional would tell you privacy and security attacks have only continued to increase during the pandemic. Like COVID-19, there is no cure for the constant threat and onslaught of cyber threats – only prevention methods that can be used to thwart such attacks.
In efforts to further create awareness during a time of vulnerability, the Cybersecurity & Infrastructure Agency (CISA), a standalone U.S. federal agency that is an operational component under the Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA), reminds you to “Do Your Part – #BeCyberSmart”. This theme encourages individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity. The theme goes on to emphasize “If You Connect It, Protect It.” throughout the month of October. In effect, it reminds us that every employee is responsible for cyber security.
Now is the time to take further steps to protect your firm from cybercriminals:
- Review company policies to confirm you have security guidelines for remote workers. At the very minimum, these policies should provide guidelines on remote access of company information and the use of personal devices for company business.
- Limit access to sensitive information. Determine who truly needs access to the entire internal network versus just certain programs.
- Limit employee’s ability to copy or download data, especially to an external device (like a USB drive) when remote
- Require users to identify their identity/authenticate to reduce phishing attacks.
- Be sure that sensitive information is secure thru use of VPN or remote desktop and confirm that virus protection is up to date on all devices.
- Have employees change passwords at least every 90 days and consider use of password keeping system. Be sure strong passwords are used including use of different password for different programs.
- Discourage use of public WIFI systems – instead, use personal hotspots or encrypt the connection.
- Provide cyber awareness training to all employees and ensure all associated know what security incidents to report and how to accurately report them. Warn employees of phishing schemes, especially emails from unknown sources.
On behalf of my colleagues, Thank You – Brian G. Schreiner – Director of Information Technology at Sentinel Risk Advisors and all the other IT professionals and developers of tools and resources that make us safer every day! We could not do it without you.
For more information on how to protect your company with cyber coverage and products, please contact Amelia Bernstein, Esq. – Senior Director of Specialty Lines at Sentinel Risk Advisors at 919-678-7165 / abernstein@sentinelra.com