The current COVID 19 crisis has led to an exponential increase in the numbers of WFH – people working from home – to safeguard public health. At the same time, there is an increased risk in terms of Cybersecurity.
This is predominantly caused by two factors:
- The re-distribution of workplaces away from the office and the spike in using virtual collaboration platforms has substantially widened the attack surface. This can threaten the digital infrastructure we now rely on more than ever for business continuity. It could even threaten critical infrastructure and provision of critical services, if not addressed pro-actively.
- The COVID 19 crisis provides adversaries with new opportunities for targeted attacks, whether these are phishing emails or targeted scams. These tactics are intended to take advantage of citizens who are naturally concerned about their health and safety and are particularly vulnerable.
Hence, it starts with you: stay safe and stay secure. To do so, follow these eight tips for cybersecurity in the home office:
Bring home only the devices and information that are absolutely necessary
The best way to protect information or devices against loss is by not removing them from their accustomed company environment in the first place. This way, they won’t get lost in transit or in your home. So, make sure you take home only the devices and information that you really need.
Safeguard your home network and communicate via secure connections
Because you’ll be using your private network at home, you’ll have to protect it accordingly, with strong WLAN encryption, a unique and complex password, and regular updates. Always work via a secure connection established by VPN, especially if you’re also exchanging sensitive information or are accessing the Intranet.
Keep the software on all your devices up to date
Working from home, company and personal devices use the same network. Data traffic passes through that same router that’s connected many other devices including various smart home appliances which, in the worst case, may not have any up-to-date protection. All these are potential gateways for hackers, which is why it’s recommended that you allow all your devices, whether company or personal, to update automatically.
Switch off voice-controlled smart devices at your home workstation and cover the webcam when you’re not using it
Voice assistants listen to what’s being said in the room and transmit it to the provider. The possibility of these recordings falling into the wrong hands can’t be ruled out. So, such devices have no business being in rooms where you discuss important matters or should at least be switched off. And be sure to cover the webcam on your PC when you’re not using it and be careful what you share via the video function.
Don’t mix personal and business use of devices
Make a clear distinction between devices and information for business and personal use, and don’t transfer any work data to personal devices. This will prevent any unintended outflow of information. As a side effect, it also helps to psychologically separate the time you are “at work” from the time you are “at home”.
Proactively identify all participants in online meetings
Teleconferences and video conferencing tools are an excellent substitute for in-person meetings. At the same time, however, it’s more difficult to verify whether everyone on the line has actually been invited. It’s especially easy for unauthorized persons who have acquired the dial-in data to sneak into large online meetings with lots of participants. That’s why everyone displayed in the meeting software needs to briefly identify themselves, particularly if you’re discussing sensitive topics and sharing presentations on the screen.
Log off when you stop using your devices and store them securely
Even if you’re only taking a short break, lock the screen of your PC and mobile devices just as you would at work so that they aren’t accessible during your absence. And, of course, you also need to safeguard the devices themselves against unauthorized use or even theft when they’re in your home.
Be extremely wary of suspicious e-mails or attachments, particularly if you don’t know the sender
Especially in the familiar environment of your home office, you need to be wary of suspicious e-mails. Studies show that the likelihood of falling victim to malicious intentions is particularly high at home. In addition, do not be pressured by emails asking for immediate action or referring for example to the current COVID-19 crisis. Take your time and examine each e-mail thoroughly before you open it. For more information on phishing e-mails, and COVID-19 scams, for example visit:
https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams.
https://www.who.int/about/communications/cyber-security
Overall, with business continuity increasingly based on digital infrastructure, it is more important than ever to revisit organizational measures for more effective Cybersecurity to manage these risks. Key recommendations to do so, especially for Small and Medium Enterprises, are summarized in the booklet “Seeing Cybersecurity as an Opportunity” (https://www.charteroftrust.com/topic/seeing-cybersecurity-as-an-opportunity/).
You may find further resources here: https://www.nist.gov/blogs/cybersecurity-insights/telework-security-basics
PREVIOUS POST
Principle Use Cases – IBM
NEXT POST
Report about Hybrid Threats presented at MSC 2025
You may also like
External Engagement
Report about Hybrid Threats presented at MSC 2025
Navigating Cybersecurity in an Era of Hybrid Threats
As hybrid threats continue to evolve, cybersecurity has never been more critical. The latest Charter of Trust report, launched at the Munich Security Conference, presents exclusive insights from leading CISOs and CSOs across our Partner network. This report provides a comprehensive analysis of the shifting threat landscape and the strategic actions necessary to enhance global resilience.
Key Insights from the Report
- The Growing Threat Landscape: Cyber adversaries are emerging across the globe, leveraging increasingly sophisticated tactics. Advanced threat detection and multi-layered defense strategies are no longer optional but essential.
- Breaking Down Security Silos: Cyber threats are constantly evolving—organizations cannot afford to wait. A proactive, collaborative approach is critical, fostering open dialogue across industries and sectors.
- Leadership in Collective Defense: Multinational corporations have a unique responsibility to lead in both technical defense and talent development, while also advancing zero trust architectures to mitigate risks effectively.
Collaboration as the Foundation of Cyber Resilience
The experiences of Charter of Trust partners highlight the importance of collective action in addressing the complexities of hybrid threats. Operating in high-stakes environments, these organizations provide valuable lessons for improving industry-wide preparedness.
A Call for Unified Action
Hybrid threats do not recognize national or industry boundaries—our response must be equally interconnected. As both prime targets and key defenders, multinational corporations are uniquely positioned to drive unified, strategic action. Initiatives like the Charter of Trust serve as a model for global collaboration, strengthening the cybersecurity ecosystem and paving the way for a more secure future.
We extend our gratitude to the CISOs and CSOs who contributed their expertise to this publication, including: Kyle Oetken (AES), Haydn Griffiths (Allianz), Paul Bayle (Atos), Christoph Peylo (Bosch), Morten Pors Simonsen (Danfoss), Koos Lodewijkx (IBM), Raphael Otto (Infineon), Natalia Oropeza (Siemens), Norbert Vetter (TÜV SÜD)
As hybrid threats continue to evolve, cybersecurity has never been more critical. The latest Charter of Trust report, launched at the Munich Security Conference, presents exclusive insights from leading CISOs and CSOs across our Partner network. This report provides a comprehensive analysis of the shifting threat landscape and the strategic actions necessary to enhance global resilience.
Key Insights from the Report
- The Growing Threat Landscape: Cyber adversaries are emerging across the globe, leveraging increasingly sophisticated tactics. Advanced threat detection and multi-layered defense strategies are no longer optional but essential.
- Breaking Down Security Silos: Cyber threats are constantly evolving—organizations cannot afford to wait. A proactive, collaborative approach is critical, fostering open dialogue across industries and sectors.
- Leadership in Collective Defense: Multinational corporations have a unique responsibility to lead in both technical defense and talent development, while also advancing zero trust architectures to mitigate risks effectively.
Collaboration as the Foundation of Cyber Resilience
The experiences of Charter of Trust partners highlight the importance of collective action in addressing the complexities of hybrid threats. Operating in high-stakes environments, these organizations provide valuable lessons for improving industry-wide preparedness.
A Call for Unified Action
Hybrid threats do not recognize national or industry boundaries—our response must be equally interconnected. As both prime targets and key defenders, multinational corporations are uniquely positioned to drive unified, strategic action. Initiatives like the Charter of Trust serve as a model for global collaboration, strengthening the cybersecurity ecosystem and paving the way for a more secure future.
We extend our gratitude to the CISOs and CSOs who contributed their expertise to this publication, including: Kyle Oetken (AES), Haydn Griffiths (Allianz), Paul Bayle (Atos), Christoph Peylo (Bosch), Morten Pors Simonsen (Danfoss), Koos Lodewijkx (IBM), Raphael Otto (Infineon), Natalia Oropeza (Siemens), Norbert Vetter (TÜV SÜD)
Read more
February 14, 2025
•
Security by Default
Security by Default in view of major Cybersecurity Regulations
Navigate the Cybersecurity Regulation Maze with Ease
The Charter of Trust is here to simplify the complexity and guide you through the ever-evolving regulatory landscape.
In today's digitized world, cybersecurity plays a pivotal role in maintaining global stability, economic resilience, and individual privacy. Various regulations have been implemented to safeguard individuals, businesses, and infrastructure from ever-evolving cyber threats. Each regulation, while differing in scope and focus by region, aims to protect against breaches, data leaks, and other malicious activities that could disrupt operations and compromise sensitive information.
At the heart of the Charter of Trust lies a commitment to sharing best practices. Our Security by Default Working Group has meticulously analyzed vast amounts of regulatory texts to provide a clear and concise overview of security by default adoption across key global regions.
Stay Ahead of Cyber Risks with Expert Insights
Our latest report is a vital resource for organizations aiming to effectively manage cybersecurity risks and protect their assets. Covering major regulations from the European Union, India, Japan, People's Republic of China, Singapore, the United Kingdom, and the United States, this report offers valuable insights into compliance requirements worldwide.
The principle of Security by Default, as advocated by the Charter of Trust, provides a universal standard for organizations to meet compliance requirements effectively. By embedding security measures from the outset, organizations can ensure compliance with regulations, foster trust with customers, safeguard their operations, and strengthen their market position. This approach not only helps organizations meet their legal obligations but also enhances their reputation and competitive advantage.
Strengthen Compliance, Build Trust, and Gain a Competitive Edge
By embedding security measures from the outset, businesses can:
- Ensure compliance with international regulations
- Build and maintain trust with customers and stakeholders
- Safeguard operations from cybersecurity threats
- Strengthen their market position with a proactive security approach
The publication shows that regulators worldwide have taken different approaches to pursuing common cybersecurity goals, leading to varied and sometimes conflicting regulatory frameworks. This complexity can make it challenging for organizations to navigate the cybersecurity landscape and ensure compliance with all relevant regulations.
This document serves as a roadmap to better navigate this complex landscape, thereby highlighting the benefits of aligning current cybersecurity regulations worldwide. It supports the Charter of Trust's mission to create a secure digital environment for innovation. By following the guidelines outlined in this document, organizations can effectively manage their cybersecurity risks, protect their assets, and contribute to a more secure digital world.
Don't get lost in the regulatory jungle — get the clarity you need today and download the full report below
The Charter of Trust is here to simplify the complexity and guide you through the ever-evolving regulatory landscape.
In today's digitized world, cybersecurity plays a pivotal role in maintaining global stability, economic resilience, and individual privacy. Various regulations have been implemented to safeguard individuals, businesses, and infrastructure from ever-evolving cyber threats. Each regulation, while differing in scope and focus by region, aims to protect against breaches, data leaks, and other malicious activities that could disrupt operations and compromise sensitive information.
At the heart of the Charter of Trust lies a commitment to sharing best practices. Our Security by Default Working Group has meticulously analyzed vast amounts of regulatory texts to provide a clear and concise overview of security by default adoption across key global regions.
Stay Ahead of Cyber Risks with Expert Insights
Our latest report is a vital resource for organizations aiming to effectively manage cybersecurity risks and protect their assets. Covering major regulations from the European Union, India, Japan, People's Republic of China, Singapore, the United Kingdom, and the United States, this report offers valuable insights into compliance requirements worldwide.
The principle of Security by Default, as advocated by the Charter of Trust, provides a universal standard for organizations to meet compliance requirements effectively. By embedding security measures from the outset, organizations can ensure compliance with regulations, foster trust with customers, safeguard their operations, and strengthen their market position. This approach not only helps organizations meet their legal obligations but also enhances their reputation and competitive advantage.
Strengthen Compliance, Build Trust, and Gain a Competitive Edge
By embedding security measures from the outset, businesses can:
- Ensure compliance with international regulations
- Build and maintain trust with customers and stakeholders
- Safeguard operations from cybersecurity threats
- Strengthen their market position with a proactive security approach
The publication shows that regulators worldwide have taken different approaches to pursuing common cybersecurity goals, leading to varied and sometimes conflicting regulatory frameworks. This complexity can make it challenging for organizations to navigate the cybersecurity landscape and ensure compliance with all relevant regulations.
This document serves as a roadmap to better navigate this complex landscape, thereby highlighting the benefits of aligning current cybersecurity regulations worldwide. It supports the Charter of Trust's mission to create a secure digital environment for innovation. By following the guidelines outlined in this document, organizations can effectively manage their cybersecurity risks, protect their assets, and contribute to a more secure digital world.
Don't get lost in the regulatory jungle — get the clarity you need today and download the full report below
Read more
February 13, 2025
•
External Engagement
Harmonising Regulation - a CoT perspective
In response to rising cyber threats, governments are enacting new cybersecurity laws and regulations, with some, like the United States (US), moving from voluntary public-private partnerships to more stringent regulatory approaches, while others, like the European Union (EU), are updating existing regulations (e.g. the Network and Information Security (NIS) Directive 2, or NIS 2) and creating new ones (e.g., Cyber Resilience Act, CRA). These efforts often set precedents for other nations, but the lack of international coordination in cybersecurity regulation remains a challenge. This fragmentation, coupled with shortages of cybersecurity talent, risks diverting resources from essential cyber defense to compliance, potentially increasing costs, complexity, and undermining resilience and innovation. Some solutions include reciprocity agreements, adopting international standards, and leveraging third-party assessments to streamline regulations and improve global alignment.
To read the full publication, see the download link below.
To read the full publication, see the download link below.
Read more
October 15, 2024
•
