COVID-19: the organisation of structures around IT security
For almost three months, the world has been plunged into a race against time to get rid of this pandemic that continues to restrict the possibilities of action in all sectors.
The coronavirus pandemic has affected all sectors of economic activity, particularly computer science and cybersecurity. Since April, according to Europol, there has been a significant increase in cyber-malice. Acts that are mostly directed towards companies, even if it must be admitted, individuals are not spared.
This article will also interest you: 6 precautions that could prevent you from contaminating the computer system in business
One of the prime targets of cyber-prisoners is health care in the general sense of the word. Whether it's hospitals, the World Health Organization or research centres on the discovery of vaccines against Covid-19, cyber criminals are trying to take advantage of the situation to extract the maximum money from the health sector. For non-health companies, the deployment of remote work has been more open for hackers. This did not fail to attract the attention of computer security specialists and so that security officials information systems. The latter have faced a challenge since the beginning of the confinement. Their role has been to prevent, combat and eliminate any form of threat to their information system. "From the beginning of the crisis, the role of the security reference has been strongly exposed. Groups of hackers took advantage of the containment measures to attack companies through their employees. Philippe Fernandes, IT security recruitment expert for the Robert Walters Group, said:
For the most part, the most common method used during this period is phishing. The idea of reaching companies more easily through their employees who worked from home, and who did not often take necessary precautions. And since the adoption of telework has been a bit hasty, several cybersecurity requirements have not necessarily been met. In this way, hackers have tried to trap these teleworkers several times through millions of electronic connections trapped. A classic pishing shot of sorts. Indeed, according to the Mountain View firm, Google meant that in April alone, there were nearly 18 million unwanted emails a day. That number must have grown today.
However, for their part, companies have begun to implement several systems to improve their security internally, but also externally. They are now in a dynamic of preparing the ground for the near future which is likely to be quite hectic for cybersecurity "Deconfinement". "Whether or not telework persists after containment, companies need to learn from this period by allowing access to information remotely, while respecting security issues. In addition, the implementation of an Identity Access Management policy (for identity and access management) becomes essential when employees have access to confidential data, and install new applications in a personal or professional capacity on their work computer. explains Philippe Fernandes.
Beyond all this, companies and all private and public structures should step up their outreach activities. Employees must be as informed as possible but also trained. And several times if necessary. For in a certain way, the major problem underlying the explosion of cybercrime against companies is the lack of knowledge or neglect of good digital hygiene practices. Employees should therefore be motivated to be a little more disciplined, even if it means imposing sanctions or offering rewards.
The coronavirus pandemic in some sense has been beneficial. Indeed, private and public organizations are aware that they were not adequately prepared for a situation that would require them to change their habits in a way that would speed up. The most important thing is that he also learns from these 3 months of intense struggles for the future. "The crisis we are going through has been a life-size test managed rather well by cybersecurity teams thanks to upstream preparation and total dedication from industry players. In addition, ANSSI has been a strong presence on a daily basis with organizations. The post-Covid-19 era will mark a turning point: branches must continue their efforts, and invest more and more in internal support and financial resources to ensure their IT security. concluded the expert.
Now access an unlimited number of passwords:
