The Impact Of The Pandemic On Business Cyber Security

Uploaded on 2020-07-20 in BUSINESS-Services-Health & Welfare, FREE TO VIEW, JOBS-Training

The Covid-19 pandemic has fundamentally changed the way the world operates. In addition to placing unparalleled pressures on healthcare systems across the globe and introducing significant limitations to our daily lives. Arguably, the cyber security industry has never had a more important role to play than keeping mission-critical organisations and agencies safe from cyber-attacks during the COVID-19 pandemic.

A successful cyber-attack can cause major damage to your business. It can affect your bottom line, as well as your business' standing and consumer trust. The impact of a security breach can be broadly divided into three categories: financial, reputational and legal.

One of the key challenges financial services firms faced was the need to rapidly facilitate a shift to a near 100% remote workforce, leaving some organisations exposed to increased cyber security threats. While most large financial firms previously had implemented robust and secure remote working processes, they were not designed to support the entire workforce.

The need to rapidly move to a new working model drove some firms to quickly modify existing technology. As is often the case, such makeshift approaches may create cyber security gaps while also expanding the number of entry points for cyber criminals to exploit.

As Covid-19 spread, cyber criminals started shifting efforts from focusing on corporate entities to home-based attacks. Established strategies such as phishing and business email compromise (BEC) were successfully adapted and continue to be leveraged during the pandemic, albeit on a much larger scale.

In the US, it has also been observed that phishing and BEC attempts that historically focused on tax related matters at this time of the year, have become increasingly focused on Covid-19 as a key “lure”. The industry-wide switch to remote working also revealed new challenges related to the physical infrastructure at employees’ homes, such as secure printing and wireless networks.

The remote working environment also uncovered new insider threats, as employees started to connect to established infrastructure using devices that do not always have the requisite security parameters in place.

As a result, the industry has seen new risks emerge due to well-intentioned individual employees who, operating under significant constraints, have found new and often creative ways to address technical challenges in order to get their job done, such as using their personal devices and email accounts.

Some firms are already addressing these issues by increasing employee training around cyber security best practices related to home working environments as well as rolling out the most up-to-date protocols for their workforce. So far, the industry has adjusted remarkably well. Firms that were historically slower to augment their cyber security practices have reacted quickly to the increased cyber risks brought forth by Covid-19.

Basic cyber hygiene tools, such two-factor identification, have become much more ubiquitous, while many firms have also enabled secure remote administration of functions that were not previously available off-site. The global crisis has highlighted the impressive computing power of existing systems, which handled the global shift to working in isolation.

Given the interconnectedness of markets and the potential for a single cyber-attack to spread quickly and globally, the financial services industry is arguably more exposed than others, and the contagion effect creates further challenges when it comes to containing attacks and resuming business services.

The full impact of Covid-19 remains unknown, so firms must continue to prioritise their cyber security risk management controls while collaborating with peers across the industry on emerging threats, best practices and sector resiliency. While your employees may pose a security risk, with the right training you can reduce the risk of falling victim to cyber-crime. The important thing is to assess your business, uncover any weak points and communicate the best processes to all staff.

Staff awareness training is the single most important thing you can do to reduce the risk of employee error.

IT Goverenance:        CSHub:        CBR Online:      NI Business Info

All businesses needs cyber security training and we at Cyber Security Intelligence recommend GoCyber training for all employees and management. 

You Might Also Read: 

Some Employees Think They Can Dodge Cyber Security:

 

« Blockchain - A Simple Idea With Complications
Coronvirus Phishing Campaign Targets Six Nations »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

Swivel Secure

Swivel Secure

Swivel Secure is an award winning provider of multi-factor authentication solutions.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

Boxcryptor

Boxcryptor

Boxcryptor encrypts your sensitive files before uploading them to cloud storage services.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

VdS

VdS

VdS is an independent safety and security testing institution. Cybersecurity services include standards, audit/assessment and certification for SMEs.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

Quadible

Quadible

Quadible BehavAuth is an AI-platform that continuously authenticates the users, without the need of any input, by learning their behavioural patterns.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Black Hills Information Security (BHIS)

Black Hills Information Security (BHIS)

Black Hills Information Security provide security testing and vulnerability assessment services.

Qualcomm Technologies

Qualcomm Technologies

Qualcomm invents breakthrough technologies that transform how the world connects, computes and communicates.

SecZetta

SecZetta

SecZetta provides third-party identity risk solutions that are easy to use, and purpose built to help organizations execute risk-based identity access and lifecycle strategies.

Cyber Security Operations Consulting (CyberSecOp)

Cyber Security Operations Consulting (CyberSecOp)

CyberSecOp is an ISO 27001 Certified Organization which provides cyber security operations services and risk management consulting.

Cynomi

Cynomi

Cynomi is a leading strategic cybersecurity operations platform that automates cybersecurity knowledge and expertise to empower teams with little to no in-house expertise.

Telarus

Telarus

Telarus is a Technology Services Brokerage that holds contracts with the world's leading cloud voice, contact center, cybersecurity, mobility and IoT providers.