Blog icon

8 April 2020 1 min read

As the outbreak and spread of COVID-19 continues to disrupt health, economic, political and social systems, the risks to online networks are greater than ever before.

The World Health Organisation (WHO) has confirmed that hackers and cyber scammers are taking malicious advantage of the pandemic. Cybercriminals are posing as WHO in fraudulent emails to install malware and steal sensitive information.

With a heightened dependency on global digital infrastructure, ensuring effective cybersecurity measures are in place is more important than ever before.

So what are the risks facing online users? Dr Surya Nepal is a Group Leader and Senior Principal Research Scientist of our Distributed Systems Security team. He shares what organisations need to consider when preparing for the majority of their workforce to work from home.

Cybersecurity considerations amidst COVID-19

The COVID-19 pandemic has led to a large volume of workers moving to undertake their work from home.

Many companies are implementing national guidance to protect their workforce during the COVID-19 outbreak by encouraging staff to work from home. However, the increased use of Bring Your Own Device (BYOD) and connectivity through shared home-environments presents additional cybersecurity risks.

Surya said there are three elements to cybersecurity that need to be considered in order to safeguard IT environments.

1. The human element

According to Surya's research: "The human is the weakest link in cybersecurity."

Social distancing and self-isolation can increase levels of stress and anxiety. These heightened emotions impact the likeliness of human error. Which, in turn, increases the risk of individuals falling victim to phishing attacks or social engineering attacks.

2. Technical preparedness

The more people working from home, the more risk of unsecured connections occurring in these organisations’ networks. There is also a risk of mishandling sensitive data, such as credentials and passwords. Logging in and working online from the potentially unsecured personal devices we use at home can create many vulnerabilities.

3. Data and network security governance and policy

Part of this is making sure employees are informed and educated when it comes to connecting to their network or using teleconferencing. Several approaches to cybersecurity governance exist. However, they are often lacking the insight essential in ensuring organisations can mitigate cyber risks.

Data61's Human Centric Cyber Security team is focusing their efforts on identifying cybersecurity governance needs and remedies.

For the full version of this article head on over to our Algorithm blog.

Contact us

Find out how we can help you and your business. Get in touch using the form below and our experts will get in contact soon!

CSIRO will handle your personal information in accordance with the Privacy Act 1988 (Cth) and our Privacy Policy.


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

First name must be filled in

Surname must be filled in

I am representing *

Please choose an option

Please provide a subject for the enquriy

0 / 100

We'll need to know what you want to contact us about so we can give you an answer

0 / 1900

You shouldn't be able to see this field. Please try again and leave the field blank.