CVS Inverclyde's John Chapman provides some advice to help the sector ensure it remains cyber secure, particularly at this time.
The National Cyber Security Centre (NCSC) is the authoritative body for cyber security advice in the UK. The NCSC produces advisories regarding the current security risks and remediation advice, and its website splits up advice into sections for various sizes of organisations – from individual use through to large enterprises.
It has also provided COVID-19 advisories to highlight specific issues arising during the pandemic. We would recommend you check the NCSC for reliable, well-structured information.
Right now, the biggest concerns raised by the NCSC are:
Phishing attacks and scams have "rebranded" to play on people's fears and uncertainty about COVID-19. Usual precautions apply: don't give out passwords, don't click strange links, don't download attachments. These can also come in the form of SMS messages (smishing).
Fake COVID-19 "tracking apps". There are reports of several such apps springing into existence. Some are illegitimate and being used to collect personal data from users. They might not necessarily ask for banking details or passwords, but this data is often used in follow up scams to give the scammer apparent legitimacy. The advice is to not download apps unless recommended by a solid authority, such as the NHS or Scottish Government. It is also recommended that people install a good antivirus app – several are available.
Working from home creates a whole bunch of security considerations. Organisations should review their IT security in terms of storing, accessing and transferring their information. They should also be ensuring they use strong passwords for their Cloud services, running a firewall and any antivirus software.
Also, click here to check out NCSC advice on how to use video conferencing securely.