COVID-19 and Cyber Risk

By Guest Author : Hala Elghawi

The current circumstance of COVID-19 can increase organizations vulnerability to cyber-attacks, phishing attempts and fraud. All organizations required to exercise caution in that respect to continue functioning normally and efficiently. As many organizations moved to remote working arrangements they are required to make sure they are improving the resilience against cyber-attacks associated with COVID-19 without disrupting productivity.

We are listing below some of important controls to be implemented to improve resilience against cyber-attacks:

  • Employees awareness:

Since human is the most vulnerable asset in any organization, we highly recommend raising employees’ cyber awareness against phishing emails, fraud and cyber-attack. Employees must be instructed to exercise caution around COVID-19 related phishing emails, vishing calls, SMSs, social media content, etc. and must be trained in how to detect these attacks and report any suspicious cyber activity to the right party in the organization.

  • Multi Factor Authentication (MFA):

Using MFA in accessing critical organizations assets or corporate network remotely. Using MFA forms an additional challenge for threat actors, reducing the likelihood of gaining unauthorised access to an account.

  • Prevent software installation:

Prevent users from installing and executing unknown software to reduce the likelihood of malware infection from email or websites and ensure thorough security risk assessments are conducted for any new technology being introduced for remote operations.

  • Access Review:

New access granted or amended access level must be monitored during such circumstance to detect any unauthorised access.

  • Logs Monitoring:

Intensify monitoring capabilities, by retaining detailed logs and ensuring that reporting, alerting and access to logs are available for a specific time depending on the organization size.

  • Data Loss Prevention (DLP):

Ensure Data Loss Prevention capabilities exist to prevent data breaches across all organization’s channels. If a preventive control is not available, disable the file sharing and Copy/Paste functions.

Who is Hala ?

Hala has more than 13 years of experience in banking industry and she is  passionate in Risk management, Controls, Information Security, Technology, Business Continuity Management, and IT Governance. She hold a Master’s degree in Quality Management, and the BSc in Management Information Systems, and I am certified in PMP (Project Management Professional), ISO 27001 Lead Implementer, COBIT Foundation & COBIT Implementation in addition to having a diploma in Risk Management.


Dr. Erdal Ozkaya is a leading Cybersecurity Professional with business development, management, and Academic skills who focuses on securing the Cyber Space & sharing his real-life skills as a Security Adviser, Speaker, Lecturer, and Author. Erdal is known to be passionate about reaching communities, and creating cyber aware campaigns and leveraging new and innovative approaches and technologies to holistically address the information security and privacy needs for every person and organization in the world. He has authored many cybersecurity books as well as security certification courseware and exams for different vendors. Erdal has the following qualifications: Doctor of Philosophy in Cybersecurity. Master of Computing Research, Master of Information Systems Security, Bachelor of Information Technology, Microsoft Certified Trainer, Microsoft Certified Learning Consultant, ISO27001 Auditor & Implementer, Certified Ethical Hacker (CEH), Certified Ethical Instructor & Licensed Penetration Tester. He is an award-winning technical expert & speaker: His recent awards are: CISO Top 50 Award by Security ME Adviser Magazine & (2020) Legend Cybersecurity Pro by GEC Media (2019) Hall of Fame, CISO Magazine(2019) Cybersecurity Influencer of the year (2019) , CISO Magazine Cyber Security Professional of the year MEA (2019) Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016) Security Professional of the year by MEA Channel Magazine (2015), Professional of the year Sydney (2014) and many speakers of the year awards at conferences. He also holds Global Instructor of the year awards from EC Council & Microsoft as well as Logical Operations. Erdal is also a part-time lecturer at Australian Charles Sturt University Erdal’s Social Media Accounts to follow: Twitter: LinkedIn FaceBook Instagram Amazon He has built and managed CEO IT from scratch into a multi-million dollars National Training & IT Solutions center. With the skills, he has gained, he has introduced & repeated the success with KEMP Technologies, where he was tasked to single-handedly manage the ANZ region and then build the business in the Asia Pacific region. From there he joined Secunia as CISO in Dubai and extended his experience in Middle East & Africa. Beginning of 2016 he joined Microsoft as a Cybersecurity Architect / Trusted Security advisor where he is responsible in the EMEA region. Erdal currently works at Standard Chartered Bank as Head of Infomation and Cyber Security in a Managing Director status.

İlgili Makaleler

2 Yorum

Bir cevap yazın

E-posta hesabınız yayımlanmayacak.

Başa dön tuşu

Reklam Engelleyici Algılandı

ÇözümPark Bilişim Portalı gönüllü bir organizasyon olup tek gelir kaynağı reklamlardır. Bu nedenle siteyi gezerken lütfen reklam engelleme eklentinizi kapatın veya Çözümpark web sitesi için izin tanımı yapın. Anlayışınız için teşekkürler.