With a large number of employees working from home, now more than ever, businesses are at risk of cyber threats. Coupled with the increased use of devices and less support from IT departments, employees are easy targets to those using COVID-19 in wrongful and disingenuous ways. With 73% of employees working from home not yet receiving any specific cybersecurity awareness guidance or training, more needs to be done by businesses across the board to ensure safety is addressed head-on. Some of the most effective methods to combat against attacks including spreading malware, such as spear phishing include setting up two-factor authentication, enforcing strict password management policies, and educating people on phishing and cyber threats. However, when it comes to building a security program, focusing only on technology and processes puts us in a weak and unbalanced position. Businesses will need four steps in place. First, start at the top and get leadership support, second, conduct awareness training to ensure employees know what needs protecting, third, test the security posture such as through internal phishing campaigns, and fourth, ensure transparency and continual communication. Only then will everyone, on a personal and business level, be able to mitigate the risks that these attacks can cause.  Read Less