COVID 19 is not only a health crisis of immense proportion – it’s a catalyst driving huge changes to work, the workforce, the workplace, and the associated cyber threat landscape.
In many ways, the COVID-19 pandemic has poked holes in the organization’s preparedness and shown how underutilized cyber or in general technologies are that could have ameliorated some of the worst impacts.
The rise of working from home (WFH) during the COVID-19 pandemic as well as increased staff absence through illness, presents a unique cyber security challenge. Video conferencing and remote monitoring are two technologies that have both been instrumental for at least a decade, but only now are many companies scrambling to figure them out from a cyber-standpoint. The same reluctance has been exhibited with remote working, private access to organization assets – zero trust network access, social engineering, continuous monitoring, and securing an organization’s data, infrastructure, and cloud.
As management’s attention across the organization of all sizes is being diverted onto pressing matters surrounding the supply chain, sales, people and the technology needed to enable WFH, malicious actors are, and will continue to, seek to exploit vulnerabilities across organization’s processes and infrastructure, particularly if they believe detection mechanisms are not being intently watched. Cyber-attacks result in several consequences including extortion, fraud, data breach, and data loss.
Whilst the COVID-19 pandemic dominates the news, in the first half of 2020, we have seen multiple attack vectors targeting organizations and nations using speak phishing, drive-by downloads and misconfigurations.
Predominantly, adversaries are largely still using the same methods of attack as pre-COVID-19, but the opportunities to compromise environments and their respective ecosystem may have changed.
Though these risks have been evolved the ongoing situation emphasizes organizations to look at the following aspects more closely.
A COVID-19 related cyber incident is much the same as any other related cyber incident, but defensive capabilities could be lowered. As the attackers know the situation creates blind spots in defences and offers a longer window of opportunity to achieve their objectives, organizations must re-evaluate their approach. Early detection and rapid response are critical to minimize the potential impact.
The organizations should reflect the following scenarios at a minimum and consider:
To tackle the outcome from the above scenarios, the following measures are the key:
At this point, as the organizations are setting the direction towards the social enterprise, it is an unprecedented opportunity to lead with cyber discussions and initiatives. Organizations should immediately gain an understanding of newly introduced risks and relevant controls by:
Given the complexity of the pandemic and associated cyber challenges, there is reason to believe that the recovery phase post-COVID-19 will require unprecedented levels of cyber orchestration, communication, and changing of existing configurations across the organization.
For many leaders, the first steps they take during this phase will be informed by the necessary series of adjustments they enacted as the crisis erupted and came to a head. For others, it will mean recognizing the missteps taken during the response phase for what they were – and committing a new to continuous improvement.
There is limited precedent into how COVID-19 will impact our technology-reliant business world. Leaders in cyber needs to weigh-in on and continually assess the rapidly evolving risk landscape. Post-COVID, we believe following are the major areas which organizations need to emphasize on from a cyber-standpoint, during potentially protracted recovery period across the globe.