April 29, 2020 by Greg Meckbach
Brokerages looking to manage their own cyber risk and advise commercial clients about their cyber risks should look to one major golden rule when employees work from home during the COVID-19 pandemic.
“Your family members should not be using your company-issued device,” said Eduard Goodman, Global Privacy Officer of CyberScout.
Absolutely, agrees Philomena Comerford, president and CEO of Baird MacGregor Insurance Brokers LP & Hargraft Schofield LP. “The message of, ‘Keep your kids off your devices,’ is one that we are driving home with every device that we deliver,” she said.
“I have never once let my children on any device that I use for work,” said Comerford, who was chair of the Insurance Institute of Canada in 1994-95 and president of Toronto Insurance Conference (now Toronto Insurance Council) in 2015-16. “I have been religious about it, and they have never attempted to touch my devices. That is one of our golden rules because kids are into anything and everything, and next thing you know they will introduce some horrendous malware on to your computer.”
Goodman and Comerford made their remarks Wednesday during Business Continuity in the Digital Age Part 2: Cybersecurity in a remote world, a webinar hosted by Canadian Underwriter.
With the onset of the pandemic, CyberScout mandated cyber security training for everyone (specifically for work-at-home), even if they had already been working remotely and had previous training.
“We said, ‘You know what? It’s a good refresher for everybody,’” said Goodman. “One of the key learning lessons, as with anything around cyber, is just increasing awareness. Keep beating that drum within your organizations, because it is not always something that is top of mind.”
Since COVID-19 was declared a pandemic, CyberScout has seen an increase in phishing scams, in which criminals try to get employees to click on malicious links, said Goodman. There is also an uptick in electronic funds transfer fraud.
“You have accounting departments working from home and working remotely, still having to pay bills, a lot of uncertainty and discord within organizations as far as that goes.”
Tim Zeilman, vice president and global product owner of cyber for HSB, part of Munich Re, echoed Goodman’s comments. HSB Group’s coverages include boiler and machinery coverage.
Zeilman said his company has seen an uptick in criminals trying to get people to click on malicious links and dupe them into transferring money to criminals. A company’s technology processes, which have been adapted to a working-from-home environment to reduce the spread of the coronavirus, need to be built with security in mind, suggested Zeilman. Security cannot be pushed down the list of priorities below efficiency.