“Some people don’t like change, but you need to embrace change if the alternative is disaster” – Elon Musk.

The outbreak of Covid-19 has been a global health crisis unlike anything seen in 100 years since the Spanish Flu. It is now widely recognized that self-isolation and social distancing are the best responses to slowing the rate of infection from person to person – popularly known as “flattening the curve.” As a result, businesses have had to accelerate “work from home” policies in an attempt to mitigate the effects of Covid-19 on business continuity. This is putting a highlight on companies’ network security and cyber risks.

Covid-19 will fundamentally shift the way we conduct business in future, certainly from a digital perspective and this change is likely to be permanent. By most estimates, it could be 18 months or longer before a vaccine is found and approved. Epidemiologists also believe that outbreaks are likely to continue re-occurring, with the critical concern being that all the virus need is one host to spread. It is therefore important that companies think closely around the risks (and opportunities) that this change in behaviour will drive.

At Opulentia, we believe businesses should be considering the following issues around cybersecurity in the immediate and long term future:

• Phishing Scams. With news reports filled with Covid-19 reports for 24 hours, and people scouring the web and social media for more information, we have been reminded by the government about the dangers of fake news. People are anxious and looking for answers to the many questions they have. But scammers are aware of this and there has already been a proliferation of phishing emails pretending to be alerts on Covid-19. Companies need to remind employees to remain vigilant and to only open emails from trusted sources. It is also prudent for companies to make sure their antivirus software is up to date to combat these scams which at their worst can compromise an entire network.

• Access points to the business network. As more people work from home companies need to think closely about the exposures to their network that come from people accessing it from various locations. Further to that, what are the physical devices that are being used to access the network? Often, people’s personal computers are far easier to hack than company computers, but equally personal computers did not previously have sensitive company information. If employees are using personal devices, what controls are being put in place to mitigate the chances of those devices being hacked, and compromising the network? It is also important that employees are clued up on the processes to follow should they suspect their device has been compromised.

The above risks are just the beginning of what businesses should be considering in what is a constantly evolving cyber environment. Crucial to note too is that the controls in place are not just around the technical cyber environment but, as in the phishing example, require employees themselves to be more attuned to cyber risks and adjust their behaviour accordingly. This means that it is a companywide approach to cyber risks that need to be considered.

Many of the risks around cyber can be transferred via an insurance policy. The policies can cover a myriad of risks and include solutions such as:

• Incident response giving business 24/7 support on a global scale.
• Third-Party Liability coverage for liability resulting from the loss of personal and corporate information
• First-Party Coverage which is designed to minimize the effect of a cyber event. This might include cover for losses of income due to business interruption or cyber extortion expenses.
• Protection against regulator actions for data privacy breaches.

The world is moving at an incredible speed and businesses need to respond to the changing environment whilst ensuring that the hard work of years gone by is not undone by a lack of preparation. If your business wishes to engage on these matters further, please contact your trusted advisor at Opulentia for more information.