Executive Summary
In response to the global COVID-19 outbreak, many organizations are temporarily moving to remote work. A majority of these firms are not equipped for remote work, but they are being forced into it without preparation. Thus, security gaps are being exposed and many are at risk of falling victim to a cyber-attack. Threat actors recognize this situation and are moving quickly to take advantage. Attackers are using phishing scams sent via email to trick victims into clicking on malicious links and/or attachments. Due to the wide-scale interest regarding COVID-19, attackers are seeing a lot of success with this threat vector.
As firms move to remote work to adapt to the current environment, they are exposing themselves to security risks that they may not typically allow. VPN vulnerability and public non-secure internet use offer two vectors that many companies may typically avoid entirely. To mitigate the risks that are likely new to many firms, there are a number of best practices to follow. For organizations who have considered many of the concerns listed, it is vital to adapt to the new environment to ensure constant security. Remote work standards, VPN security tips, and more are included in the Zyston report.