How Is Cybersecurity Transforming During a Pandemic?
Providing secure remote access has become a critical component of the digital transformation that we have seen since the beginning of 2020. In the era of personal computers, security solutions not only detect threats but also manage productivity processes by providing end-users with easier access to a large number of corporate web resources.
Major issues created by the coronavirus pandemic include:
- An increase in the number of businesses affected by phishing.
- An increase in cybersecurity budgets.
- Organizations move to the cloud more and more.
- Concepts like Zero Trust start to play major roles.
Improving performance and eliminating threats
Security teams have begun to spend more efforts on preventing new threats and fraudulent schemes. Most of these activities have to do with ensuring secure remote access to corporate resources and applications. Prior to the widespread adoption of teleworking, the security model of most companies was based on the control of devices within the perimeter, as well as physical access to the building and limited access to selected business applications.
During the period of a massive shift to remote work, the use of such a security model proved to be ineffective. So, at the early stage of the pandemic, many companies were exposed to big risks.
The most relevant way to solve security problems associated with the remote work of employees was to limit the use of basic authentication (login/password) in favor of multifactor authentication.
Anti-phishing technologies
In the spring of 2020, many reports showed a surge in attacks related to COVID-19. Criminals have started using the coronavirus theme as a decoy to install various malware types including the Yahoo redirect virus. During this period, phishing attacks posed the greatest threat. Nine out of ten companies were subjected to such attacks. More than half of the CEOs noted that phishing emails posed the greatest risk, and one third admitted that cybercriminals successfully attacked workers in their organizations. It is noteworthy that successful phishing attacks were more often reported by organizations whose resources were located mainly on their own physical servers than those companies with more developed cloud infrastructure.
How security impacts staffing and budgets
While organizations were moving to telework in 2020, security began to have a direct impact on budgeting and HR activities. Companies had to scale their existing and new practices like using multi-factor authentication or adopting the Zero Trust strategy. To recover from the effects of the pandemic, about 60% of companies have increased their security budgets. At the same time, some companies were forced to reduce their overall security costs. These are mostly organizations whose resources are located on-premises.
To contain the growth of costs in the short term, company leaders prefer integrated protection against threats to reduce the risk of hacking, which can cause great damage. They purchase information security solutions that have automation tools that ultimately increase the efficiency of employees.
However, technology alone does not allow us to keep up with all the threats, as well as the challenges associated with remote work. Therefore, a lot of companies are hiring security experts to respond to the threats posed by COVID-19.
Five elements of cybersecurity that the pandemic will change
The pandemic has accelerated digital transformation, and this will soon change the security paradigm.
Element #1
Cybersecurity during the pandemic has established itself as a foundation for digital empathy for remote workers. In a truly short time, millions of people formed the largest remote labor market in history. IT teams learned much more than just VPN scaling. The companies were reminded that security technologies might help to increase productivity and enhance collaboration through inclusive end-user experiences. Improving the user experience while working remotely is a top priority for security business leaders.
Unsurprisingly, providing secure remote access to resources, applications, and data is the most important task. And for many enterprises, implementing a solution starts with implementing multi-factor authentication.
Element #2
The vast majority of organizations are moving towards Zero Trust. In the early days of the pandemic, this model became not just one of the options for an information security strategy but a business priority.
The Zero Trust architecture will eventually become the industry standard. Most companies report that they are in some way in the process of rolling out the new Zero Trust model.
Element #3
Diverse datasets enhance Threat Intelligence. The pandemic has demonstrated the power and scope of cloud computing. The combination of automated tools and people’s knowledge, and their expertise, help to identify new threats exploiting the coronavirus theme. Cloud filters and detection systems alert security professionals about suspicious activity. Unsurprisingly, more than half of cybersecurity executives reported an increase in phishing attacks since the start of the pandemic.
Element #4
Cyber resilience is fundamental to doing business. Cybersecurity provides the foundation for operational resilience as more organizations move to work remotely. To stay safe, enterprises need to regularly assess their risk threshold and their ability to successfully manage all cybersecurity processes through a combination of human and technological products and services.
Cloud computing makes it easy to develop a comprehensive cybersecurity strategy and prepare to respond to a wide range of contingencies. More than half of the leading companies using cloud or hybrid infrastructures report having a cyber resilience strategy for most potential risks, compared with 40% of organizations using only on-premises solutions. 20% of companies that rely primarily on on-premises technology do not plan to create a cyber resilience roadmap.
Element #5
The cloud is now an important prerequisite for security. Sometimes experts think of cybersecurity as a solution that only needs to be deployed on top of existing infrastructure. However, things like COVID-19 dictate their own rules and demonstrate the need for an integrated approach to security for companies of all sizes. Integrated cybersecurity solutions are now becoming a necessity.