The business world changed in an instant when the COVID-19 pandemic was declared. In order to stay afloat, businesses had to figure out how to get their employees online and then manage this new remote workforce. On top of everything, security still lurked in the background.
In the beginning, the biggest concerns were simply just making sure everyone had secure access to everything they needed in order to get their work done, but as time has gone on, the landscape of concerns have evolved, according to Kevin Lancaster, general manager of security solutions at Kaseya.
Businesses are more vulnerable during this time, and hackers are using it as an opportunity to strike. “Cyberattacks have doubled since January 2020. Phishing attacks alone were up 667% in March and under-trained remote workers are more likely to fall for them, leaving IT leaders with no time to waste in getting every user up to date,” Lancaster said. In addition, he reports ransomware attacks are up 148%, and he sees the number of cyber incidents and breaches increasingly specifically in locations that have been impacted the most by COVID-19.
“Cybercriminals love to take advantage of chaos, and the rapid transition that many companies have made to remote operations during the COVID-19 pandemic has provided them with gaping holes in security to exploit,” said Lancaster.
Jamie Zajac, vice president of product management for Carbonite, an Open Text company, has also seen the number of attacks through Zoom and other video conference solutions jump as well as more sophisticated attacks on the network surface. “Overall, cybercriminals are likely to view this time as an opportunity to gain a higher return and we only expect a further increase in attacks. The need for employees to incorporate best practices and become more aware has never been more important; however, we are seeing shocking figures around the actions taken to mitigate risks,” said Zajac. A recent cyber hygiene report from Webroot revealed that the average American doesn’t properly understand their security risks. “This becomes a more haunting figure under the remote work circumstances we are living in now, as most individuals are under no strict IT supervision,” Zajac explained.
Zajac believes a layered cyber resilience approach is crucial when looking to address evolving security needs. “Today’s IT infrastructure is dynamic as it contains physical, virtual and cloud-based applications, and data storage. A one size fits all IT approach doesn’t work – nor would a single solution for a cyber resilience plan. A broad approach that matches the need of each application and infrastructure layer is needed to ensure that the plan operates correctly and with the main goal of keeping business operations normal. The layers allow for agility and flexibility to cover the business from front to back with endpoint security and disaster recovery,” said Zajac.
According to Zajac, an ideal approach includes:
- Training and educating staff on cyber threats and security procedures
- Blocking and stopping cyber attacks and threats through advanced security solutions
- Protecting and managing devices down to the individual endpoint
- Backing up all files and data in multiple, secure locations
- Having a recovery plan and understanding the amount of downtime the business can tolerate.
“Each element within the plan builds on the other to bring a comprehensive powerful cyber resiliency strategy that is simple, reliable and accessible. And as we look at how companies will operate in the future, these plans and IT policies will need to shift to meet the new business goals and workforce needs,” said Zajac.
Lancaster added that as the pandemic continues, we should expect to see a growth in remote work, and companies should be continually reassessing their cybersecurity readiness. Some steps he recommends include:
- Establishing and communicating updated cybersecurity and data management protocols
- Enabling two-factor authentication for VPN services and other accounts
- Distributing access to trusted VPN services and making it a requirement for employees
- Updating VPN software to ensure it includes the latest security patches
- Identifying and tracking all remote users and cloud application accounts
- Adding Dark Web monitoring so you can find issues before they happen
- Being aware of who has access to critical systems and accounts
- Minimizing direct network connections
- And preparing employees for the most recent phishing attack trends.
“Cybersecurity investments along with continuity of operations plans created pre-COVID-19 might not fit the bill anymore. CIOs and CISOs need to find new solutions fast. The vast majority of companies are still behind the eight-ball in adapting operations and policies that enable them to operate remotely for an extended period of time. One simple, yet vital, solution that is easy to implement is rapid and relevant security training for everyone on your team,” said Lancaster.