COVID-19: Cybersecurity

Your cybersecurity challenges during COVID-19

Ransomware attacks are taking a toll on numerous organisations, and the COVID-19 crisis is causing hackers to shift into high gear. Are you prepared to deal with an incident?

Cybersecurity in particular is very relevant these days, as malicious actors are using the fear, uncertainty and doubt around COVID-19 to create their own epidemic of hacking attacks: we’ve seen over 50,000 malicious domains created in just one week, and every day three to four new large-scale phishing campaigns are launched (of up to 200,000 emails sent at a time), trying to persuade users to click malicious links, enter their credentials on fake websites, or download malware, often masquerading as government announcements, charity or a cure for COVID-19.

 

Your cybersecurity challenges during COVID-19

 Top three cybersecurity priorities 

In this crisis, we see three priorities for organisations with regards to cybersecurity:

  1. Secure your newly implemented remote working practices
  2. Ensure the continuity of critical security functions
  3. Counter opportunistic threats that may be looking to take advantage of the situation

There’s no silver bullet solution to protect your organisation and its IT infrastructure from hackers. However, we do see that implementing basic IT and security hygiene is effective in considerably reducing the risk of ransomware attacks.

Do you have visibility on your entire IT estate, and are all systems fully patched? For many IT teams, this is a huge challenge. Also, have you applied hardening? This is especially key for any system with remote access, or internet-facing applications and services.

Since most attackers use similar kill chains, an increased focus on a limited set of security measures, both in the protection and monitoring dimensions, proves effective in protecting against typical ransomware attacks. For instance, have you implemented a proper end-point protection solution? Different solutions cater to different risks, but as workforces are now working remotely, the bar is raised again.

 

Workforce challenges and incident response in a time of crisis

Workforce challenges and incident response in a time of crisis

Attackers often try to use your people as a first point of entry. How strong is your human firewall? As phishing and business email compromise attacks are on the rise, what have you done to raise and maintain security awareness?

Make no mistake: it's not if, but when! Teams that are prepared for incident response will make a huge difference in speed and efficiency when you get hit. Do you have playbooks to deal with common types of incidents? Do you have the tools to look for indicators of compromise? And, absolutely critical: have you recently tested the coverage and effectiveness of your backup arrangements?

It’s not all doom and gloom: upskilling opportunities

For many organisations, remote working has become the norm for most if not all of their workforce, and VPN and network capacity constraints in some cases have had to be dealt with. As remote working practices need to be sustained for more than just a couple of weeks, the current crisis also represents an opportunity for digital upskilling of the workforce and the introduction or further use of digital (collaboration) tools.

Although some projects have had to be suspended, this can free up resources for other initiatives, like the roll-out of digital signing solutions, or additional virtual collaboration and workflow tools to go beyond remote access to systems alone, to drive progress on the digital transformation of your organisation.

 

How we can help boost your cybersecurity

PwC can help you in all of these domains, with multidisciplinary expertise and a pragmatic proven approach to make change stick. We never focus on technology solutions alone, but always consider the people and process factors as well.

In the current context, we’ve highlighted a number of services that can help you quickly assess key security foundations, mostly remotely, with minimum extra work for your IT teams:

Mail gateway assessment

Cyber criminals most often use phishing campaigns to enter your organisation and spread malware. A mail gateway assessment verifies whether your mail gateway is capable of detecting and quarantining phishing mails with different types of malicious payloads of incremental detection difficulty.

We currently offer this service at no charge. Contact us and we’ll provide you with an activation code and a link where you can launch the test emails, followed by a free consultation to discuss the results. We can also provide you with an effort and cost estimate for a similar assessment of your managed file transfer platform.

Contact us for a free mail gateway assessment 

Configuration assessment

The secure configuration of endpoints (OS), VPN and firewalls limits hackers in gaining control over your IT assets to pivot in your internal network. This is absolutely vital now that most of your people are teleworking.

PwC’s configuration assessments focus on key risks and assist you in identifying and mitigating key security gaps.

Perimeter scan

Hackers are after vulnerable, publicly exposed systems to penetrate your IT environment. Securing and reducing your digital footprint can drastically decrease what’s commonly called the ‘attack surface’. A perimeter scan often reveals systems or services you didn’t know were (still) accessible online, and as a result were probably not properly patched either.

We help you plot your digital footprint and obvious exposure points, providing pragmatic recommendations to improve your security posture.

Network compromise assessment

Malware and ransomware attacks are typically aimed at gaining control of your network. It can take organisations months to realise that hackers broke in, pivoted around their network and stole data, only to notice it when the ransomware is triggered and files are actually being encrypted.

Our threat hunting and network compromise assessment services don’t protect against attacks, but look for indicators of compromise. They help you understand whether an attack is ongoing and can put you a step ahead of the hackers, to secure your network before it’s too late.

We offer several other quick diagnostic assessments (e.g. of your Wi-Fi or active directory, or a phishing exercise). Visit our Cybersecurity and Privacy page for a more comprehensive overview of our services. For an audit or a more general assessment of your current situation, we also offer a broad range of IT risk and assurance services.

Contact PwC Belgian's Crisis Centre for COVID-19

By entering your data for your registration, you expressly accept the processing of your personal data as defined in our privacy statement and understand that, as provided for under the EU General Data Protection Regulation laying down specific provisions for the protection of persons with regard to the processing of personal data, you are entitled to access and correct your personal data and to object to its processing by sending an email to the following address: be.privacy@pwc.com.

Contact us

Ingvar Van Droogenbroeck

Ingvar Van Droogenbroeck

Partner, PwC Belgium

Tel: +32 0477 38 14 45

Bart De Win

Bart De Win

Director, PwC Belgium

Tel: +32 479 46 79 57

Vito Rallo

Vito Rallo

Director, PwC Belgium

Tel: +32 47 311 2830

Hide