Hackers thrive in uncertain times, and often strike when organizations are distracted or as businesses significantly alter their operations—and the COVID-19 pandemic is no exception.
In response to state-mandated closures of nonessential businesses, employees have been instructed en masse to work from home. Beyond interrupting daily routines, working remotely also means residential networks aren't protected by the same level of cybersecurity as employee offices. Meanwhile, organizational decision-makers have their eyes on the economy, potential disruptions to their business, and maintaining communication, rather than doubling down on protecting their sensitive data.
As a result, security is an afterthought for some, and cybercriminals are taking advantage.
"This global crisis is an emergent vulnerability in the broadest sense possible," Lukasz Olejnik, an independent cybersecurity researcher and consultant, told WIRED. "The current situation poses enough challenges. Any additional undesirable events would just make it more difficult.”
Furthermore, reports suggest cybercriminals are creating thousands of coronavirus-related sites every day, making stressed users are more susceptible to phishing attacks.
If your organization hasn’t addressed its cybersecurity program recently, the time is now. Hackers will always be prepared. Your cybersecurity team should be, too.
Immediate Steps To Take
Why do most digital breaches happen? Believe it or not, these hacks are exacerbated by a simple misconception. Organizations, through implementing simple products and tools like firewalls and anti-virus software, believe they can achieve 100-percent prevention, when that’s not the case.
Truthfully, there is no silver bullet that can prevent every attack; no product or tool can offer an organization complete protection. A security event is bound to happen to every business at some point in time. It's important to be proactive so you can limit the severity of an attack. In practice, that means rapid detection, response and containment.
Think about that in the current context. In “normal” circumstances, five to 10 new vulnerabilities are discovered each week. It's difficult to determine what that number looks like now as hackers ramp up their criminal activities, but it's likely to rise.
That’s why proper cybersecurity, focused on endpoint and network security monitoring, is based on identifying risk and initiating an effective response rather than relying on prevention alone. Monitoring provides the necessary visibility into your systems to address existing vulnerabilities and close gaps before they are exploited. It’s a proactive, not a reactive, approach.
Now, if you don’t have monitoring, it’s a good time to consider implementing it. At the very least you should start a cybersecurity conversation using these three steps:
1. Assess your current cybersecurity measures.
Hopefully you know how well your organization addresses cybersecurity concerns. If you don’t, there are ways to find out. Cybersafe Solutions, for example, has a free Maturity Assessment Quiz. It's designed to give you a baseline score for your cybersecurity posture. A higher score means you have solid protocols in place that dramatically reduce your risk profile. A lower score means you should act—the sooner, the better—to improve your cybersecurity program. It’s a starting point for a greater discussion about keeping your sensitive data safe.
2. Emphasize best practices for cybersecurity.
Imagine this scenario: A suspicious email lands in your inbox, and you suspect it might be a phishing attempt. You communicate with your colleagues and ask for their input. You decide to delete the email, share that you received it, and report the problem to your IT department.
Now, would you replicate that same process at home? You should.
With companies now encouraging, or mandating, employees to work from home, they need to ensure cybersecurity follows them. Be diligent about it, because, as stated in the introduction, hackers take advantage of stressful times.
3. Review your incident response plan.
Don't be left without an answer to the question, "If we were hacked, what would we do, how would we communicate and how would we recover?"
An effective cyber incident response plan covers everything from preparation and education to identification and containment to eradication and recovery. Make sure you implement these keys steps and review them regularly.
Potential Consequences
Here’s a terrifying statistic: The average duration of an incident, from identification to containment, was 279 days in 2019. The longer a breach goes undetected and is allowed to spread, the more damage it inflicts and the more expensive it becomes to resolve. The consequences could be immeasurable, not just to your reputation or how much mitigation efforts cost, but also how it impacts your day-to-day operations, which could suffer immensely.
In fact, 60 percent of small businesses close up shop following a cyberattack—and that was before COVID-19 spread across the world.
Undetected cyberattacks and security breaches are threats to a company's very existence. It is more critical than ever to have the appropriate security measures in place to prevent the worst case scenario from coming true.
The coronavirus pandemic has presented an entirely different challenge than we’ve ever seen before. Make sure in these times of uncertainty, cybersecurity is one less concern.