Wednesday 13 May, Leading cyber security specialists Convergent Risks highlight the increasing unseen threat of cyber attacks during lockdown. With the majority of professional services’ firms and the gig economy continuing to work remotely, this is not a problem that is likely to diminish but needs immediate attention to maintain business resilience.
In the recent case of Lady Gaga and Madonna’s New York law firm being hacked, it is believed that the human factor may have played a role in making the confidential client information vulnerable. With many celebrities dependent on their external advisers, demonstrating the existence of a water-tight cyber security policy is vital. And, of course, it’s not just celebrities that are at risk.
“Well-meaning employees working from home can unknowingly be taking cyber security requirements too lightly and this can lead to devastating consequences for employers,” comments Mathew Gilliat-Smith from Convergent Risks the specialist consultancy focused on security, risk and compliance. “Our regular scanning and pen testing with clients indicates that the current working from home environment is leading to a spike in vulnerability that needs to be investigated and closed off to prevent widescale system breaches.”
Setting out the top 5 recommendations to prevent companies from being compromised, Convergent Risks suggests:
- A mix of user awareness and solid anti-phishing defences to help detect when attackers get in and always act on any and all alerts as without action all the warnings in the world are useless.
- An Endpoint Detection and Response (EDR) system and simple anti-virus is useful to detect and alert on dormant malware.
- Application whitelisting is very good at blocking any unknown programs from executing.
- Canaries act like a trip wire and are really useful for warning of threats.
- Monitoring of outbound traffic – a law firm would not regularly be generating 756Gb of outbound network traffic – any decent monitoring application should have been alerted.
Commenting further Gilliat-Smith says “Businesses are creating hundreds of VPN connections for remote home working which, unless well-managed, is where malware can work its way into a corporate network via someone’s home computer. It’s shocking that large numbers of businesses will be putting themselves at risk from cyber attack. These five recommendations together with penetration testing and assumed breach exercises should be as important as maintaining social distancing for all businesses.
Our experience in media and entertainment – working with the Hollywood studios and broadcasters and their supply chains where cyber security has long been high on the agenda – means we are equipped to help all businesses tackle this issue. Businesses can be doing more to reduce the cyber dangers they are exposed to and better protect their confidential data and ultimately their clients. This will save them the prospect of considerable business disruption and reputational and financial pain.”
A full copy of the press release can be downloaded here
ABOUT CONVERGENT RISKS
Convergent Risks is a specialist consultancy focused on security, risk and compliance services. It has a global footprint with offices in the U.S. and UK, and representation across Europe, EMEA, India and the Far East.
A global multidisciplinary team of qualified subject matter experts, including international privacy lawyers, cloud and application security consultants, qualified auditors and seasoned risk and cybersecurity professionals, Convergent is trusted by some of the world’s largest
organisations to handle their most sensitive content and data protection issues and cover all aspects of PII, Privacy and GDPR best practice compliance.
The team draws on its extensive experience in developing and managing secure information asset workflows from both an enterprise and a third-party perspective to empower clients with privacy and cybersecurity best practice solutions. Its reputation has been built on
providing specialist services to help well-known media and entertainment organisations achieve cost effective compliance and data security.
Media contact: Mathew Gilliat-Smith, Convergent Risks