The Impact Of The Pandemic On Business Cyber Security

Uploaded on 2020-07-20 in BUSINESS-Services-Health & Welfare, FREE TO VIEW, JOBS-Training

The Covid-19 pandemic has fundamentally changed the way the world operates. In addition to placing unparalleled pressures on healthcare systems across the globe and introducing significant limitations to our daily lives. Arguably, the cyber security industry has never had a more important role to play than keeping mission-critical organisations and agencies safe from cyber-attacks during the COVID-19 pandemic.

A successful cyber-attack can cause major damage to your business. It can affect your bottom line, as well as your business' standing and consumer trust. The impact of a security breach can be broadly divided into three categories: financial, reputational and legal.

One of the key challenges financial services firms faced was the need to rapidly facilitate a shift to a near 100% remote workforce, leaving some organisations exposed to increased cyber security threats. While most large financial firms previously had implemented robust and secure remote working processes, they were not designed to support the entire workforce.

The need to rapidly move to a new working model drove some firms to quickly modify existing technology. As is often the case, such makeshift approaches may create cyber security gaps while also expanding the number of entry points for cyber criminals to exploit.

As Covid-19 spread, cyber criminals started shifting efforts from focusing on corporate entities to home-based attacks. Established strategies such as phishing and business email compromise (BEC) were successfully adapted and continue to be leveraged during the pandemic, albeit on a much larger scale.

In the US, it has also been observed that phishing and BEC attempts that historically focused on tax related matters at this time of the year, have become increasingly focused on Covid-19 as a key “lure”. The industry-wide switch to remote working also revealed new challenges related to the physical infrastructure at employees’ homes, such as secure printing and wireless networks.

The remote working environment also uncovered new insider threats, as employees started to connect to established infrastructure using devices that do not always have the requisite security parameters in place.

As a result, the industry has seen new risks emerge due to well-intentioned individual employees who, operating under significant constraints, have found new and often creative ways to address technical challenges in order to get their job done, such as using their personal devices and email accounts.

Some firms are already addressing these issues by increasing employee training around cyber security best practices related to home working environments as well as rolling out the most up-to-date protocols for their workforce. So far, the industry has adjusted remarkably well. Firms that were historically slower to augment their cyber security practices have reacted quickly to the increased cyber risks brought forth by Covid-19.

Basic cyber hygiene tools, such two-factor identification, have become much more ubiquitous, while many firms have also enabled secure remote administration of functions that were not previously available off-site. The global crisis has highlighted the impressive computing power of existing systems, which handled the global shift to working in isolation.

Given the interconnectedness of markets and the potential for a single cyber-attack to spread quickly and globally, the financial services industry is arguably more exposed than others, and the contagion effect creates further challenges when it comes to containing attacks and resuming business services.

The full impact of Covid-19 remains unknown, so firms must continue to prioritise their cyber security risk management controls while collaborating with peers across the industry on emerging threats, best practices and sector resiliency. While your employees may pose a security risk, with the right training you can reduce the risk of falling victim to cyber-crime. The important thing is to assess your business, uncover any weak points and communicate the best processes to all staff.

Staff awareness training is the single most important thing you can do to reduce the risk of employee error.

IT Goverenance:        CSHub:        CBR Online:      NI Business Info

All businesses needs cyber security training and we at Cyber Security Intelligence recommend GoCyber training for all employees and management. 

You Might Also Read: 

Some Employees Think They Can Dodge Cyber Security:

 

« Blockchain - A Simple Idea With Complications
Coronvirus Phishing Campaign Targets Six Nations »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

SANS Institute

SANS Institute

SANS is the most trusted and by far the largest source for information security training and security certification in the world.

Tanium

Tanium

Tanium is an endpoint security and systems management company.

2Secure

2Secure

2Secure is one of Sweden's largest private security companies. Service inlcude personal security, corporate security, information and cyber security.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

Combis

Combis

COMBIS is a regional high-tech ICT company focused on the development of application, communication, security and system solutions and the provision of services.

Cyfirma

Cyfirma

CYFIRMA offers Cyber threat visibility and intelligence suite and services aimed at keeping your organization’s cybersecurity posture up-to-date.

SOSA

SOSA

SOSA facilitates new growth opportunities by connecting the dots between industry verticals and innovation ecosystems around the world.

US Cyber Range

US Cyber Range

US Cyber Range is a scalable, cloud-hosted infrastructure providing students with virtual environments for realistic, hands-on cybersecurity labs and exercises.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

McAfee

McAfee

McAfee is a worldwide leader in online protection. We’re focused on protecting people, not devices. Our solutions adapt to our customers’ needs and empower them to confidently experience life online.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.

Ventum Consulting

Ventum Consulting

Ventum Consulting stands for digitalization, networking and agilization. We take this up on the strategic, professional and technical side and support our customers in the digital transformation.