Author: Gary Hibberd

Date: 4th May 2020

 

When news broke that Covid-19 would cause the UK to go into ‘lock down’, it seemed to have come as quite the surprise to many. Yet the announcement didn’t come until almost 3 months after the World Health Organisation (WHO) had announced a global pandemic.

As someone who has written on the topic of pandemics for over 17 years (since SARS), I had been watching the growth of this risk since December 31st 2019.  So when the UK Government announced enforced lock down, Cyberfort and our clients were informed and ready.

 

Contingency Plans = Remote working

But I know that for many, the news of lock down meant invoking (unwritten) plans which read:

  • Send everyone home
  • Use laptops to work remotely
  • Use Zoom

Now, I’m all for ‘KIS’ (Keeping it Simple), and I’m sure this has worked, in the main. However, it has led, and is already leading, to issues.

 

Cybercrime – Another virus for us to combat

We all know that cybercrime has been on the increase over recent years. Even the most casual look at crime figures now shows that the cost of (global) cybercrime has eclipsed traditional crimes like drug trafficking. In 2019 estimates of the global impact of cybercrime were into the ‘trillions’… and then came Covid-19.

Let’s be in no doubt, cybercriminals are having a ‘boom’ time right now! Action Fraud reported a 400% increase in calls to them in the month of March 2020. One mandate fraud incident cost a company £105,000. Why? Because their finance team aren’t sat in the same office. They’re self-isolating, and aren’t communicating as much as they would when they’re in the office.

Phishing emails have increased dramatically, with Action Fraud again stating they have seen 140 different email campaigns which referenced Covid-19.

Cybercriminals are having a great time because they are relying on the fact that most people were ill-prepared. Companies sent their staff home to use home PCs, which weren’t patched and had no malware protection installed, or sent people home with little to no guidance on what to look out for.

Cybercriminals are opportunistic, and there has never been a better time in history to attack millions of people, when the entire world is feeling worried, uncertain and doubtful for the future. Feeling isolated, working remotely, and using devices which aren’t protected means we are left vulnerable.

But…

 

Remote working does not mean being remote

Yes, you have sent your teams home, but that doesn’t mean they have to feel remote. If you haven’t already thought about some of the safeguards you need to put in place, then consider this your ‘To-Do’ list for the next week.

  • Devise a communication plan to reach out to your team and bring them (virtually) together
  • Hold team briefings/meetings and update them on what’s happening
  • Ask them (individually) about their working environment (is the kitchen table their office now?)
  • Ask them what they need to work securely
  • Agree which platforms are suitable for video conferencing
  • Provide information and training on Phishing and Cybercrime
  • Re-iterate the importance of alerting the IT Lead if they spot a phishing attempt
  • Re-iterate the importance of informing the Finance Lead if someone asks for a transfer of monies
  • Send out copies of Data Protection and Information Security Policies
  • Send them a list of virtual events you’d like them to attend
  • Speak to your IT provider:
    • Ask about ensuring all devices are updated (i.e. patched)
    • Ask about the malware protection in place
    • Ask about the backup processes and see if you can carry out a test

These are just a few actions you should be taking now if you haven’t already.

 

Forewarned is forearmed

Cyberfort took these actions, and many more before the lock down was announced. I offer the following information as additional steps for you to consider taking now, in the near future or adding to your Emergency Response Plan (ERP).

In the run-up to the lock down, our Emergency Response Team (ERT) met to discuss a number of things. But our watch phrase was:

“Quiet calm deliberation disentangles any knot.”

In a series of meetings we met to:

  • Consider the impact on our team in the event of a country-wide lock down
  • Identify any people in the ‘at risk’ category
  • Ensure everyone had the correct equipment to work remotely
  • Ensure the software needed was installed and updated
  • Ensure everyone knew which platform(s) we would communicate via
  • Set up distinct channels to ‘chit chat’ on (think of it as an online version of the water cooler)
  • Consider the impact on any internal projects
  • Consider the impact across our client portfolio, and what support we could provide
  • Agree who would catalogue/document every decision and action taken (to review once this is over, and learn lessons from it)
  • Agree who would provide regular updates internally to our teams
  • Agree who would provide updates to our clients. Providing one voice. One message
  • Agree on the regularity of these briefings, and the format (email vs video conferencing)
  • Put in place a process where teams could report back any impact on them due to Covid-19
  • Put a plan in place to communicate regularly to our clients and suppliers
  • Consider the financial impact on our business and market place
  • Look closely at our services to see where demand may increase or decrease
  • Look at the impact of losing key members of staff
  • Look at the impact of losing 40%, 65% and 85% of particular teams over time
  • Agree the ‘phases’ that Covid-19 is likely to go through and plan accordingly

Of course, we benefited from having expertise in standards like ISO 22301 (Business Continuity Management), and experience of planning for Pandemics. But what plans actually need is a group of people, willing to spend time together to think ‘the unthinkable’. 

Our Emergency Response Team (ERT) is made up of senior board members, and they were willing to do just that. Importantly, they were drawn from different departments, so that the people, physical, technical, commercial and operational aspects of response and recovery are taken into account.

 

Conclusion

Yes, there are those who effected a recovery without having pre-planned in the way we did. And I am sure they feel that their plans worked just as well as ours. But I will wager that our plans were invoked with less stress, cost, and (ultimately) long term damage.

The most important of these is the stress which comes from a lack of planning. I liken this to going on holiday (you remember those, right?): if someone told you that you had just 1 hour to pack, you’d still be on that plane! But it would be stressful, and you would forget something, leading to additional costs.

Finally, I would ask you to look closely at the advice I’ve provided and the actions we took. You’ll notice that only a small proportion is IT related.

We are in the grip of a very human virus. It’s insidious and is causing harm and distress to those families it touches. But I’m not talking about Covid-19, I’m talking about Cybercrime.

Covid-19 can (we hope) be combated with isolation and social distancing.

Cybercriminals thrive where people are distant and isolated. The cure for this virus is human connection. Even where that connection is virtual.
