The COVID-19 pandemic has presented an elevated level of risk to the cybersecurity of organizations including but not limited to those involved in the manufacturing and distribution of medical supplies. The Canadian Centre for Cyber Security has issued an alert regarding cyber crime and recommends that organizations remain vigilant and take the time to ensure that they are following cyber defence best practices.
While this Alert highlights risks to the medical and health communities in Canada during the COVID-19 crisis, the advice and guidance also applies to other Canadian businesses, particularly those with employees teleworking through VPNs.
The Baseline Cyber Security Controls for Small and Medium Organizations lists a set of lower-cost and lower-burden security controls that businesses including retailers can implement to prevent cyber threats and get the most out of your cyber security investments.
Best practices and recommendations include:
- Have an incident response plan
- Patch operating systems and applications automatically
- Enable security software
- Configure devices securely
- Use strong user authentication
- Provide employee training
- Back up and encrypt data
- Secure mobility
- Establish perimeter defences
- Secure cloud and outsourced it services
- Secure websites
- Have access control and authorization
- Secure portable media