Cybersecurity at the heart of the business recovery
The containment is gradually coming to an end.
These thousands of people who were teleworking or confined to their homes will soon return to the offices. However, we must not be fooled because we are witnessing a very dangerous movement. From a cybersecurity point of view, it is clear that the danger is on the side of employees. Employees who will return to the office order and resume using their terminals, whereas a few months earlier they were deeply immersed in poor computer security and digital hygiene practices.
This article will also interest you: Deconfinment: Specialists prepare for the return of employees to offices
In this context, business security managers and it teams are preparing for this great comeback. The stakes here are huge and it must be admitted the cyber criminals are on the lookout for the slightest let go. Vincent Riou, Associate Director at CEIS, noted: "An attacker is opportunistic by nature. Most grab the ball and target weak companies and start with social engineering measures by taking access from a company account. This uses mental resources such as curiosity, fear or worry. This effect has been reinforced by the fact that some security teams have been placed out of work. This has led to a sudden change in companies and has made attacks easy. ».
As has been observed by computer security specialists, not all cyberattacks were triggered during telework and containment. Some are still underlying and waiting for the right moment to burst. And we are facing a more than likely scenario. During the two months of containment, with the explosion of remote work and the massive use of collaboration tools, security vulnerabilities opened up, the attack surface widened and cyber criminals inevitably took advantage of users' weaknesses. This allows us to deduce with great certainty that it is not all over yet.
All this is likely to increase the pressure on the business side, which today are divided between the question of continuity and the problem of the resumption of activities. "Companies are currently facing three types of pressure. They are witnessing an external transformation of the environment with a strong psychological dimension with the creation of many fake sites on the Covid19. This has created an environment of fear and panic. They are also witnessing an internal transformation with more telework, which can create cybersecurity problems. But the economic issue remains central to the management of particular resources because budgets are much more constrained." Explains Guy-Philippe Goldstein, Researcher, Cyber Strategy Consultant and Author. According to several U.S. security-affiliated companies, about 2,000 malicious websites have been found to mislead Internet users either to steal their personal information or to extract money from them. This explosion of the exacts of cyber malice requires a high level of vigilance. This is demonstrated on the ground, with cyberattacks targeting almost all types of organizations, but in particular health and medical infrastructure.
In the face of the increasing degradation of the cybersecurity environment and other IT sectors, it is necessary to implement all kinds of means to avoid sinking a "digital middle age", as Guy-Philippe Goldstein explains to us. The latter is held by the member of the Cigref and CTO and CISO of the Lagardère Group, Thierry Auger. He said: "Future measures should be anticipated. In particular, by providing users with the right means and workstations. You have to be able to manage all the populations in telework. For example, VDI allows everyone to join a company's information system. Virtual private VPN networks create bandwidth congestion. Therefore, going through the web has an impact on cybersecurity because it creates weaknesses."
The next few months will therefore be difficult for everyone.
Now access an unlimited number of passwords: