Welcome to the next installment of our GCA interview series. We’re joined today by the GCA Global Communications Officer Aimée Larsen Kirkpatrick to talk about the recent Work From Home Campaign that GCA launched with a number of other organizations to help address the security aspects of this new remote environment. Thanks so much for chatting here today Aimée.
Thank you Krista! I’m happy to be here.
Why did GCA feel it important that the Work from Home, Secure your Business Campaign focussed on a subset of specific actions as opposed to directing users to existing GCA tools and recommendations?
The Work From Home, Secure Your Business campaign happened very quickly. It actually started as a blog post in response to the quickly changing dynamic of work. I’m in Seattle, which was the forefront of the US outbreak, and experienced an almost daily change of requirements. I’m already remote, but I saw friends and family required to start working from home with little advance notice. It was clear that few were prepared for this, and certainly not from a security standpoint. I collaborated with our Director of Operations, Shehzad Mirza, to put forward a few simple steps that we could recommend to people to help them shore up their security defenses. The steps needed to be basic – actions that would vastly improve security and could also be accomplished with relatively little IT support, from the home environment. Our recommendations come down to basic cyber-hygiene: keeping systems up to date, using 2-Factor authentication, and using a protective DNS service (Quad9).
The blog post turned into a campaign. After standing up the campaign, we were quickly joined by numerous organizations that wanted to help in this effort.
Wow! What an amazing movement! Congrats on getting so much support for this important effort.
What do you see as the greatest risks for remote workers at this time and what impact is the Work From Home, Secure your Business Campaign having to reduce these risks?
Taking the workforce out of their normal work environment has introduced a huge amount of risk. Some organizations had programs in place for their employees to be able to work remotely, but many others did not. Now with almost everyone working from home on their own personal networks, the potential vulnerabilities are numerous starting with insecure networks and systems that may not have the latest security updates.
Bad actors are taking full advantage of the opportunity to exploit vulnerable businesses. The rate of phishing attacks and malware related to COVID19 is off the charts. People really need to be paying attention to security and doing what they can to mitigate their risk.
It’s difficult to say right now what the impact of The Work From Home, Secure Your Business campaign, but what we can say is that if a business were to follow the guidance and take the actions recommended, they would be in a much better place security-wise.
The coalition partners are working together to help remote workers across the globe take action to reduce their risk of cyber attack. Who are they and how are you working together to amplify, extend and reinforce the campaign’s effectiveness?
We have a coalition of 23 partners from around the world, all of them non-profit (charities) organizations, with a shared goal of helping organizations be better prepared to defend against cyber attacks. You can see who they are by visiting the campaign website: https://workfromhome.globalcyberalliance.org/
We created a basic set of operating principles for the campaign – we agree to support the campaign and distribute through our respective networks and there is no commercial interest. We are asking campaign partners to contribute to the blog and to promote on social media. In addition to the basic campaign messages (Patch to Protect, Sign in Securly, Defend Against Phishing and Malware) we’ve created a resource page to highlight the various resources the campaign partners have put together.
It’s difficult to determine the effectiveness of the campaign at this time, although we are certainly experiencing a steady amount of traffic to the website and on social media. But as far as collaboration goes, a coalition of so many organizations that want to send the same message to their stakeholders is certainly impressive.
No one can be sure when the devastating effects of the coronavirus will subside, when life and work may return to some form of normality - let’s hope this will be very soon. When it does, what do you hope will be the legacy of the Work from Home, Secure your Business campaign?
A couple of things: one, I hope that people start instantiating basic cyber hygiene practices into their daily routine of business. I’ve been at this a long time – and we’re still working to educate people about the basics – what they are and how to do them. Hopefully when business goes back to normal, the state of cybersecurity won’t go back to what it was before, but is a little better. The other thing I hope is that we maintain the collaboration we created with this campaign. Perhaps it’s the beginning of a new era where non-profits are working closer together and are more aligned on how we can achieve greater results by leveraging each other’s strengths.
Thanks Aimee. This is a great program. We invite folks to check out the Work For Home, Secure your Business website here: https://workfromhome.globalcyberalliance.org/
New blogs are posted on social media and to the site every Tuesday and Thursday.
Follow us on Twitter @GlobalCyberAlln and use the hashtags #WFH #workfromhome #workfromhometips
Thank you Krista - it’s been a pleasure.
Thanks. And we also wanted to let you know that this Thursday, in place of our annual Cyber Trends event, we are hosting a series of webinars looking at our Cybersecurity Toolkit for Small Business, (The Work from Home campaign utilises a sub-section of these tools) and a non technical overview on DMARC, you can find out more and register for any of them here:
Cybersecurity Toolkit for Small Business
9:00 - 10:30 BST: https://attendee.gotowebinar.com/register/963691561022294797
11:00 - 12:30 BST: https://attendee.gotowebinar.com/register/6733340344936489228
DMARC 101
13:00 - 14:30 BST: https://attendee.gotowebinar.com/register/283320362892022027
15:00 - 16:30 BST: https://attendee.gotowebinar.com/register/3743945250387073803
Thanks for joining us. Stay tuned for the next interview in this ongoing series.