We live in exciting times, COVID-19 has taken the world by storm, and as part of efforts to curb the spread of the disease, the pandemic has forced organisations to adapt to working remotely quickly.
Currently, working from home has become a new reality for organisations and their employees. As convenient as this may sound, it is fraught with its challenges.
From a cybersecurity perspective, working from home presents significant risks to organisations because cybercriminals around the world are capitalising on this crisis, and that makes the need to secure the remote workforce an ever-growing concern.
Since the outbreak began, there have been spikes in cyber-attacks as cybercriminals are using COVID-19 as bait to trap organisations and their employees.
To avoid falling victim, organisations must address these challenges without introducing new flaws by implementing and evaluating cybersecurity safeguards/controls.
In this article, we will be talking about some current cybersecurity challenges due to this pandemic as well as tips and recommendations on how to address them.
Phishing is a cybercrime, with phishing, targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, credit card details and passwords. Cybercriminals know we desire more information at this time, and they are using that as bait to get people to click on malicious links via emails and text messages.
These messages often have an appearance of legitimacy and designed this way to pull you in, getting you to click on links that redirect you to malware-infested sites that could steal your personal information, money, or both.
There have been numerous cases of criminals targeting governments and organisations such as the World Health Organization (WHO). The WHO reports a fivefold increase in cyberattacks directed at its staff and email scams targeting the public at large.
In another scenario, due to shortage of health-care-related products such as PPEs, test kits and ventilators, cybercriminals have impersonated sellers and manufacturers of such products and duped not just people and organisations, but also States, out of millions of dollars.
Business Email Compromise (BEC), a specialist type of phishing attack is becoming increasingly prevalent too. BEC attacks are designed to impersonate senior executives and trick employees, customers, or vendors into wiring payment for goods or services to alternate bank accounts.
How can you protect yourself? Here are five things you can do:
- Always verify the source of the message – never swallow anything hook, line and sinker. Pay attention to spellings or grammatical errors in emails or text messages.
- Never respond to unsolicited messages and calls that ask for personal or financial details.
- When entering sensitive information on a website, always verify that you are on a secure and legitimate website. A quick tip is to look out for the lock icon in your browser when you need to enter login details or other sensitive information such as your debit card details.
- Do not click on links from sources you do not know. Act by reporting them. Email service platforms such as Google’s Gmail and Microsoft’s Outlook, give you the ability to report phishing emails, this helps to protect other users from spam and abuse.
- Question everything. Always remember the adage, “if it’s too good to be true, then it probably is.”
The Not-As-Secure Home Environment
As mentioned earlier, one of the fallouts of the pandemic is the shift from traditional working models to remote working. This has led to many individuals using their personal computers to conduct business and carry out work-related duties. These computers might not have up-to-date operating system patches or useful antivirus software, and attackers can easily exploit these vulnerabilities.
It is essential organisations get employees on approved and secure devices to protect not only themselves but also the firm. Also, it is vital to know that while employees work remotely, they are not behind the typical corporate security perimeter. They are not protected by firewalls, no intrusion detection or prevention systems, no proxies etc. and with employees connecting directly to the internet with personal modems and routers, their visibility to attackers increases.
What can be done to prevent this?
- Always ensure your operating system and security software is up-to-date with the most recent patches.
- Avoid free, unsecured, public WiFi.
- If you must connect remotely to your organisation’s network, maybe to login to a corporate application, use a VPN. It reduces your visibility on the internet by creating a safe and encrypted connection known as a tunnel.
- Use Multi-factor authentication. Authentication deals with validating the identity of individuals. It requires users to prove they are who they claim to be. There are three factors of authentication: the knowledge factor or something you know such as passwords, the possession factor or something you have such as tokens, access cards, keys and the inherence factor or something you are such as biometrics – fingerprints, retina.
Consequently, when we talk about multifactor authentication, the idea is having at least two of these factors present when proving your identity to a system. Use cases when logging into emails, corporate applications, and internet banking platforms.
Cyberattacks are nothing new, but in recent times, they have increased in frequency and magnitude. Cybercriminals are not letting this crisis go to waste, and they are working overtime, so organisations must take steps to protect themselves.
Governance and risk management functions must conduct and drive comprehensive risk assessments and business impact analysis for critical functions and processes within the organisation.
Policies around information security, cybersecurity and acceptable use of devices should be up-to-date and disseminated to all employees.
Organisations should test and update their cyber incident response, business continuity and disaster recovery plans. Operating system updates and security software patches must be mandatory.
Critical systems such as servers, core business applications should be monitored. Logs and security events from such systems should be reviewed daily. This will help to identify anomalies or suspicious activities quickly.
Finally, do not forget your people. Humans are the weakest link in the security chain. It does not matter if you have the best technology or the most efficient processes. If your people are not informed, they put the entire organisation at risk.
Now is not the time to cut down on information and cybersecurity training and awareness. Learning interventions such as videos, newsletters, pictures, even games and quizzes go a long way in building a security-conscious culture in an organisation.
These recommendations if implemented, can strengthen the security posture of your enterprise, enabling you to build and maintain a cyber-resilient one.
Ikeja Electric bags Most Philanthropic Disco award
Ikeja Electric Plc (IE), Nigeria’s biggest Electricity Distribution Company has been adjudged the 2020 Philanthropic Electricity Distribution Company of the Year, at an Award Ceremony organized by CSR Reporters, a specialized news publication with concentration on how organizations and well-meaning individuals are giving back to the society.
According to the organizers, the award was given in recognition of IE efforts to give back to the society in which it operates. The citation read that Ikeja Electric was selected because it demonstrated integrity and transparency while engaging in several corporate social responsibility interventions in 2020.
“As you may know, many other companies were also nominated and because of the high caliber of the nominees, the Selection Committee deliberated long hours and gave careful consideration to all of them. Ikeja Electric stood out as a leader who exemplifies dedication to CSR,” the organizers said.
While thanking the organizers for the recognition, IE’s Head of Corporate Communications Felix Ofulue reiterated the company’s commitment to continue giving back to host communities through its Personal-Corporate Social Responsibility (P-CSR) interventions.
According to him: “We will continue to intensify efforts to make meaningful in the lives of the people and the society. Our P-CSR platform enables the company and employees to carry out charitable activities aimed at making considerable impact on the different levels of the society. Under the P-CSR programme, we also have a Volunteer Scheme (EVS) which enables our employees to voluntarily contribute their time and resources towards the wellbeing of the communities in which we operate. These goodwill activities further corroborate our commitment to touching lives in the environment where the company operates. No doubt, this will further strengthen the trust and mutual relationship between the company and communities.”
He also urged the CSR Reporters to increase awareness in CSR activities as it will encourage other companies to recognize and contribute immensely to the development of communities where they operate.
In the recent past, Ikeja Electric has been carry out sustainable CSR initiatives, aimed at enhancing the quality of lives, in the key areas of Youth Empowerment, Healy and Primary Education
Here’s why Leadway Pensure PFA should manage your Retirement Savings Account
With several pension fund administrators to pick from, here are 4 reasons why Leadway Pensure PFA Limited should be your first choice.
Retirement Savings Account (RSA) holders with Leadway Pensure have every reason to smile as the firm continues to deliver excellent customer service and more importantly, high yield on investments.
In October, for instance, all RSA funds across multiple investments in the company outperformed their stipulated benchmarks. RSA I had 32% annualized return against a 25% benchmark; RSA II returned 25% against a 23% benchmark; RSA III returned 20% against a 15% benchmark, and RSA IV returned 18% against a 9% benchmark. This is really impressive, especially during this time of economic uncertainties.
Interestingly, the National Pension Commission has just opened the transfer window for RSA holders to freely transfer from their existing PFA to another one.
This transfer between PFAs can only happen once a year and is designed to help RSA holders assert the right to choose a Pension Fund Administrator with excellent service delivery and great returns.
What this signals is that there is absolutely no reason to keep a fund manager that does not offer competitive returns or does not give you a wholesome pension experience.
With several pension fund administrators to pick from, however, it could be daunting deciding on which administrator to go with. You need not be flustered!
Here are 4 reasons why Leadway Pensure PFA Limited should be your first choice.
- Brand Heritage – Leadway Pensure is part of the Leadway Group, a strong brand that has led the non-banking financial sector for 50 years. You see? Track record is top notch! Beyond that, Leadway Pensure is one of the most capitalized PFA’s in Nigeria with an authorized share capital of N2.0 Billion and shareholder’s fund in excess of N4.0 Billion, unimpaired by losses.
- Competitive Returns – Leadway Pensure has consistently delivered returns above the inflation rate, thereby preserving the wealth of its customers. If you care about the returns on your investments, then Leadway Pensure is the right place to be
- Customer Service – Leadway Pensure has won the best PFA in customer service back to back. Talk about excellent service delivery? Simply unrivaled!
- Accessibility – Online Enrolment Portal, Mobile App, Interactive SMS, Pensure Online (P-Online), SureCal (Pensure Calculator) are all platforms that give you transparent access to your funds and your manager.
With Leadway Pensure PFA, you are assured of returns on investment and value protection from economic downturn.
Need we say more? Choose Leadway Pensure PFA – choose comfort and wealth!
Visit https://joinus.leadway-pensure.com/ to learn more about how to move your Retirement Savings Account to us.
Visa report highlights ecommerce as key to unlocking merchant revenue growth during the festive season
According to the VCA report, most small businesses have taken bold steps to prepare for the seasonal sales activity that kicks-off with Black Friday.
If small businesses can provide easy access to information, frictionless payments, a simple returns policy, and personalized shopping options, they are likely to have an immediate advantage in the marketplace.
This is according to Visa Consulting & Analytics (VCA) report titled Accelerating the shift to eCommerce, where 81% of customers indicated they are willing to pay more for a good customer experience.
“Small and Medium-sized Businesses (SMBs) that leverage eCommerce solutions; which provide excellent online shopping experience for consumers; have the opportunity to benefit from high spend periods like Black Friday and the coming festive season compared to businesses who have not mastered the importance of holistic back-end design of the customer journey,” says Kemi Okusanya, Vice President, Visa West Africa.
The move to increased online shopping comes on the back of most retailers driving their customers online due to different lockdown restrictions that affected in store foot traffic. Visa’s Covid 19 Impact Tracker, released earlier this year showed that up to 68% of consumers were going to grocery stores less often. As the retail sector looks to driving recovery, the approach to periods like Black Friday has also evolved and further necessitated safer, better online payment experiences.
“The impact of a bad payment experience can be devastating. When a shopper abandons an online shopping cart due to checkout friction, the data shows that 67% end up leaving for a competitor or never complete the purchase anywhere, and 59% say they are less likely to shop with that same retailer again,” adds Okusanya.
It’s encouraging that most small businesses (60%), according to the VCA report, have taken bold steps to prepare for the seasonal sales activity that kicks-off with Black Friday. The preparation includes changing their infrastructure and digitizing their business.
“The VCA report highlights how the payment experience is a critical touchpoint – a part of the customer journey, which requires special attention. Each time a potential customer reaches the checkout page, they have a moment to reflect on whether the effort needed to make the payment is equal to the value they get from their purchase. To win prospective and repeat customers, SMBs need to have a digital presence during the discovery and evaluation stages of the customer shopping journey,” concludes Okusanya.
Digital payments provide a convenient and secure way to pay for customers. For businesses, they reduce the friction arising from handling money, limit customer queuing, grow their customer base as a result of enhanced experience and eventually improve sales and profitability. As online shopping becomes the norm for consumers and businesses continue on the road to economic recovery, digital payment and in particular frictionless e-commerce experiences, will become a competitive advantage for small businesses.
About Visa Inc.
Visa Inc. (NYSE: V) is the world’s leader in digital payments. Our mission is to connect the world through the most innovative, reliable and secure payment network – enabling individuals, businesses and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s relentless focus on innovation is a catalyst for the rapid growth of connected commerce on any device, and a driving force behind the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce. For more information, visit About Visa, https://www.visa.com.ng/ and @VisaAfrica.