If you suspect an active attack, call us now at 612-399-9680.
If you suspect an attack, call us at 612-399-9680

Cybersecurity and COVID-19: Why You Can’t Afford To Be Complacent

Cybersecurity and COVID-19: Why You Can’t Afford To Be Complacent

If you’re like the average person, you’re probably getting tired of hearing about COVID-19. We all want it to go away, and while we probably understand the need for mask wearing and social distancing, we just wish we didn’t have to deal with it anymore. This overwhelming sense of fatigue is carrying over to many businesses when it comes to cybersecurity and COVID-19.

In fact, there are a lot of parallels between the precautionary measures many individuals are taking due to the pandemic and how a lot of businesses are responding when it comes to cybersecurity. But we urge every company, large and small, not to become complacent. On the contrary, now is the time to batten down the hatches and make sure your network and applications are more secure than ever. 

Why companies must fight the fatigue of Cybersecurity and COVID-19

Ever since the world first heard of COVID-19, cyber attacks have been on the rise at an exponential rate. 

In the first few months of 2020, one report found a 26.3 percent increase in spam and opportunistic detections, a 30.3 percent increase in impersonation, and a 35.16 percent increase in malware. Between February and March, phishing and hacking activity increased by 37 percent, and in March and April, more than 192,000 COVID-related cyber attacks were reported each week. During the week before Easter, Google reported 18 million phishing and malware scams as a result of the pandemic every single day. Yes, you read that right—18 million per day for a week straight. 

Cyber criminals are using the pandemic to their advantage, posing as such entities as the World Health Organization (WHO) and pretending to have information about people’s stimulus  payments in order to trick people into unknowingly handing over access to sensitive data. 

Additionally, the sharp increase in remote work during COVID-19 has opened many new doors for hackers to get into businesses of all sizes. Prior to the pandemic, 16 percent of employees worked from home at least 60 percent of the time. Now, that work from home number has jumped to an astounding 78 percent.

We simply do not have the same security measures in place as in the physical offices where we used to perform most of our work. Remote work cybersecurity risks include phishing emails, insecure personal networks, usage of insecure personal devices, and device theft. 

While many of us fear COVID-19, a cyber attack can spread through your organization faster than a biological virus, and the impact can be just as devastating. Let’s compare a cyber attack to COVID-19

  • A cyber attack can spread nine times faster than COVID-19 (and an attacker can go undetected in your organization for months before striking).
  • A digital virus with a strength similar to that of COVID-19 has the potential to wipe out 20 million infected devices. 
  • Global loss of the internet could cost the world up to $50 billion per day. 

Clearly, organizations have just as much to fear from cyber attacks as we as individuals do from COVID. Yet, even with the increase in attacks, we see many companies not taking the proper steps when it comes to cybersecurity. 

A study conducted by CSO uncovered some interesting statistics that demonstrate that many organizations aren’t taking the proper measures to deal with the cybersecurity risks associated with the pandemic. 

  • 81 percent of organizations feel their existing security infrastructure is equipped to handle the new work from home demands
  • 67 percent feel their security infrastructure was prepared to handle the various types of cybersecurity risks associated with the new business environment created by COVID-19
  • 54 percent reported their company pandemic/resiliency plans prepared them for the current state of affairs

There are two key reasons behind these feelings of complacency and lack of action:

1. While many technologists within companies understand the risks associated with a cyber attack, they have trouble getting the attention of the C-Suite executives. Technologists often struggle trying to translate security issues into business risk.

2. From the executive’s business vantage point, not a lot has changed. As with many individuals, executives know the pandemic is “out there,” but it hasn’t touched many of their businesses personally when it comes to an actual cyber attack. They hear about breaches (just like they hear about people dying from the virus on the news), but they adopt the “It won’t happen to us” mentality.

And then it’s too late. Your business is the victim of an attack and cannot recover. 

5 things every business should do to address COVID-19 cybersecurity risks 

So what should organizations do? In order to avoid the virus with certainty, you would need to remain in a full quarantine state. Of course, most of us aren’t willing or able to do that.

So we assess our risk level. We look at the data about how the virus typically impacts people similar to us, and we determine the risks we are willing to take. 

You can do the same, looking at data about how the recent cyber attacks have financially hurt businesses similar to yours and their long road to recovery. Certain types of organizations are at greater risk of increased damage from an attack. 

A bank, for example, has more sensitive personal and financial data at risk than a beauty salon, but both businesses can suffer enough loss to be forced to close their doors forever. Statistics show that 60 percent of small businesses close within six months of a data breach or cyber attack, so the risk of not being able to recover from an attack is very real. 

Regardless of your risk level, there are certain reasonable protections every business should put in place to better protect and defend against an attack in the wake of the pandemic. What you do on top of these reasonable protections goes back to the risk-based business decision we mentioned above.

The top five precautions every organization should implement are:

1. Vulnerability management 

Computer systems and networks are flawed. They contain bugs and misconfigurations. A vulnerability management service identifies the vulnerabilities in your applications and networks and prioritizes them so you can properly divert resources to the most serious threats. Vulnerability management also enables organizations to identify trends in a company’s overall vulnerability program, so you can improve performance over time. 

2. Cybersecurity awareness training 

No matter how many tools are in place to prevent a cyber attack, your defenses are weak if you haven’t properly trained your employees. The human side of cyber attacks is very real, with some studies finding that as much as 90 percent of data breaches are caused by human error.

It is critical for organizations to conduct thorough cybersecurity awareness training on a regular basis in order to build a human firewall against an attack. Consult our 8 tips for a successful cybersecurity awareness training program for more details on this topic. 

3. Proper endpoint detection and response (EDR) software 

Endpoint detection and response (EDR) tools detect, investigate, and remove malicious software that penetrates any devices within your network. They help improve organizational visibility into overall network health and the health of each specific device in use. EDR software remediates endpoint penetrations rapidly and helps prevent the loss of data and network system failures. 

4. Network monitoring 

Organizations should proactively monitor the network for malicious activity. Logs should be gathered and analyzed for your email service and hardware. Companies should also review current configurations for network architecture devices such as switches, routers, firewalls, and other identified hardware. All tooling should be monitored for suspicious activity, and threat-hunt tooling should be used to validate asset lists. 

If you’re unable to implement these measures with internal resources, consider turning to an external cybersecurity expert who can conduct regular monitoring on your behalf. 

5. Virtual Chief Information Security Officer (vCISO) 

In today’s world, every company needs a Chief Information Security Officer. We would argue it’s even more important than a CIO. We recommend a virtual CISO (vCISO), so you can reap all of the benefits of a CISO at a much lower cost. 

A vCISO understands you cannot bolt security on at the end. It has to be built into your systems and network from day one. They can help you strike the right balance between budget, risk, and functionality, so your organization is better protected from an attack. A vCISO will also make sure your cybersecurity program continues to evolve, so your defenses stay strong as cyber threats change over time. 

While we will develop a vaccine for COVID-19 and hopefully get the virus under control, it isn’t going to disappear. And neither will cybersecurity threats to your business. You need to make it difficult enough for an attacker to get into your networks and systems, so they turn their attention elsewhere. 

Those who are complacent in their cybersecurity efforts are the ones who will become the victims of an attack. Make sure you wear a mask, socially distance, and, at the least, implement our five base-level cybersecurity precautionary measures to keep yourself and your business safe. 

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest
NEWSLETTER
Subscribe To Our Blog
Blue Team Alpha - First 5 Things You Need To Do
FREE DOWNLOAD
Ransomware Response Checklist