It's time to prepare for cybersecurity threats

The pandemic has created a massive ground to breed hackers and bad actors. In early March 2020, many companies considered the transition to remote working to be temporary. And they responded accordingly, doing whatever it took to get employees to work in a remote environment. But this shift to teleworking has heightened increased cybersecurity threats. Home networks do not have the protection of the company’s network. Personal computers are more vulnerable than equipment issued and managed by the company.

The two most common cyber-attacks we have seen affecting manufacturers during a pandemic are ransomware attacks and electronic payment fraud. Both types of breaches often begin with compromising remote access services designed for home employees, such as retrieving email accounts or unauthorized virtual private network (VPN) connections that use affected or stolen employee passwords.

To strengthen vigilance for cybersecurity, manufacturers need to start by thoroughly considering their current security exposure. Review remote access solutions and find out how many employees have access to corporate networks via personal computers. The widespread use of personal computers for the company’s business significantly increases the risk of cybersecurity. For one, the company does not monitor these computers remotely and often lacks sophisticated security protections. So if a hacker can enter a home network and a personal laptop, he may be able to connect to a corporate network.

There are several ways companies should consider protecting systems from this threat. One way would be to expand the company’s security controls over employees’ homes. Get rid of all the insecure remote access tools that the company acquired during the pandemic’s peak and implement high-quality VPN solutions with two-factor authentication. These tools protect company data regardless of the employee’s network.

Implementing connection time-outs in remote systems can minimize the company’s exposure to networks. This is a common approach that many companies have been applying for some time.

Fraud is often associated with recurring, seemingly immaterial financial transactions that few people see. Gaps in control over this type of transaction bring more opportunities for fraud. And just as the pandemic introduced new threats to data security, it also weakened controls on manufacturer fraud when employees began working remotely. For example, who picks up payments from customers who arrive by mail? How many people are involved in processing payments? Who checks the work of the employees who process these payments?

Training employees in awareness and fraud prevention at an early stage of their tenure is imperative based on the current rise in cybersecurity threats and attacks. Employees who know the signs of fraud will be able to help the organization detect problems before they turn into a crisis. It is also necessary to set up a system for reporting irregularities (whistleblower system), as fraud is most often detected through employee tips.