The world has shifted dramatically over the past six months with COVID-19 outbreak. This has accelerated the dependencies on online digital platforms. The erstwhile ‘good to have’ digital capabilities are now a ‘must have’ for businesses in Mauritius and globally. It’s imperative for organisations to have a robust cyber resilience, to avoid risk related to information leaks, data theft or financial fraud. Cyber risk should be treated as an enterprise risk for which Boards need to gauge their risk appetite and seek frequent assurance so that risks are appropriately managed.
In the recent months, we have noticed an increase in newly registered COVID-related domains. Cybercriminals are using these domains to run social engineering campaigns (phishing, spear phishing to impersonate accounts, etc.) to distribute malware, including Trojans and ransomware.
Cybercriminals are exploiting the current situation to lure users to open attachments or click on malicious links. With working from home, the remote access has become a soft target with denial of service (DoS) attacks, seeking to disrupt business operations or to extort money.
It is important for organisations to understand the options that are currently available to support business operations and, at the same time, protect the organisations from cyberattacks.
Also, as employees become the new vulnerable perimeter for organisations, it is imperative for them to take a certain set of actions to protect themselves against emerging cyberattacks. This can be achieved through regular security awareness campaigns for employees and senior executives; these campaigns can be supplemented with cyber attacks/crisis simulation exercises either physically or through Virtual Reality (VR) and gamification platforms.
We also recommend that organisations implement security controls to prevent, detect and respond to threats, given the increased reliance on digital platforms and emerging opportunistic threats.
Vikas is a Partner at PwC Mauritius and leads the Cybersecurity & Privacy and digital practice. He has more than 18 years of experience working in Financial Services, Retail, Hospitality, Telecommunication and Public Sector. He is passionate about the success of his clients, while demonstrating ongoing leadership and commitment to excellence. Read more.