The pandemic has disrupted every aspect of human activity. From grocery shopping to human resources, everything has been forced to change or adapt to this socially distant way of life. Unfortunately, some of these changes have brought about disastrous consequences.
In the midst of all the chaos and lifestyle changes, cybersecurity has suffered the most. Due to rushed continuity plans, the increased reliance on remote work environments, and much more, cyber criminals have been able to take advantage of the lack of order and control incited by the COVID-19 pandemic. But with 2020 in the rear mirror, security experts will have to find new and innovative ways to mitigate the cybersecurity risks affecting organizations and households, including crises that are on the horizon.
The Transition to Remote Work
One of the most tangible changes for modern businesses during the pandemic is the transition to a work-from-home business model. While remote work allows organizations to operate safely and at all, it does present a series of challenges and risks, especially as it relates to home cybersecurity. The rise in pandemic cyber attacks should not come as a surprise, however. By working from home, businesses sacrifice many of the tools that IT leaders rely on to reliably secure their company’s digital assets.
Arguably, the most vulnerable security endpoint of any enterprise is its employees. According to a 2020 data breach incident report, the most dominant data breach method utilized by cyber criminals was social attacks, such as phishing. The reason why these campaigns are so powerful and so successful is that they are able to take advantage of technologically unsavvy employees, access valuable information and system credentials, and do so with very little risk, difficulty, or consequence. That is why it is crucial for security professionals and IT leaders to have as much visibility as possible over company IoT(Internet of Things) devices and networks. Sadly, the efficacy of one’s visibility and monitoring techniques suffer dramatically in remote environments where staffers are using unknown networks, devices, and connections to access sensitive materials.
The concerns of home cybersecurity risks were confirmed in a 2020 study conducted by SwissInfo.ch. In the study, 49% of survey respondents in work-from-home environments admitted to having fallen for a phishing campaign during COVID-19. Similarly, the number of reported pandemic cyber attacks in Switzerland more than doubled its pre-COVID levels. And while it may look as though the governments and businesses are beginning to navigate this world crisis, it may not be the last.
Navigating Climate Change
For all the dangers and implications associated with climate change, it is rarely ever associated with cybersecurity. But like a global health pandemic, dramatic weather and environmental events can have a serious impact on the quality of government, business, and household cybersecurity. Pew Research ranked climate change and cyber attacks as two of the four most concerning threats of 26 surveyed countries. Of the possible threats, including the power and influence of certain countries, the highest median ranked threat – and the top threat of 13 of the 26 nations – was climate change. Cyber attacks were not far behind and bolstered a median threat percentage of 61% across all surveyed countries, which was just 6 points below that of climate change. What this survey highlights is the overwhelming concern each country has towards climate change cyber attacks. What it doesn’t show is how both of them are connected to each other.
In a recent CNET article, writer Dale Smith broke down the rise in extreme weather and climate events as well as the rise in their destructive power. As these events become more frequent and most devastating, so do their consequences. One of the most underreported outcomes of extreme weather events is the negative impact on cybersecurity. Not unlike the social distancing imposed by the 2019 coronavirus, climate change forces businesses to adopt work from home policies and rely on cloud-based technologies. While these are effective at continuing work, the security vulnerabilities of these plans can often be overlooked. For example, cloud computing allows employees to remotely access programs, files, and databases from their home or a remote location. The caveat is that if said employee has their device or network compromised, a threat actor can have remote access to these sensitive assets and materials as well.
Protecting Your Business Beyond 2021
The pandemic and climate crisis have presented incredible challenges for those households, businesses, and government agencies in 2020 and 2021. And while these phenomena may change, their effects will likely never subside. That is why it is imperative for organizations to develop and integrate a 360-degree cybersecurity plan that is adapted to a remote work environment. Fortunately, doing so doesn’t have to be arduous either. With the help of a dedicated and experienced cybersecurity consultant, designing a security system and incident response plan is easy.
About the Author
Anas Chbib is one of the most respected leaders in the security industry, known for his unmatched business ethics, inspirational entrepreneurial spirit, and fierce desire to offer organizations worldwide highly-secured environments in order to ensure business continuity and better service. Anas is currently the Founder and CEO of AGT, a highly respected, international cybersecurity firm.