Cyber Security during uncertainty and recovery post-pandemic

The COVID-19 crisis, although grim, is a great opportunity for governments, businesses and other organisations to come together to think about dealing with cyber threats and strengthening their digital networks.

As significant numbers of people are working from home, ensuring business continuity has become a priority for all businesses. Our homes have now become our new offices and people are looking at creative ways and new systems to work securely and sometimes adhering to untested security threats. Boundaries between work and private life are breaking down as business is being done over home ISPs, on shared networks, printers and other home automation systems, often with Alexa, children and partners listening in on conversations or sharing machines while working for different organisations.

And all this while, new security threats are surfacing every day. Traditional security measures which were set up to support office working, I don’t believe, were built to fully protect remote staff without a little adaption. That means we need to rethink our approach to security right now. Virtual private networks (VPNs) and other similar systems being used by companies for remote work have become the new lifeline for many businesses, extending encrypted networks to our homes. However, many home networks are already infected with malware or compromised hardware that can be exploited for staging ransomware and phishing attacks or cyber espionage.

In the past weeks, there has been a spike in cyber-attacks targeting businesses, government, and medical organisations while they have been busy responding to COVID-19. The World Health Organisation, US Department of Health and Human Services, hospitals in France and Spain and multiple research facilities and businesses around the world have all suffered cyberattacks while their staff have been attending to the ongoing COVID-19 crisis. While the world panics cyber criminals, it seems, are stepping up their game and exploiting any vulnerabilities.

Furthermore, with Governments around the world rolling out contact tracing applications it is forcing people to think about the cybersecurity elements of these platforms and the impact of cyberattacks.

However, this is not cause for further panic. It just means that businesses need to address these issues and talk to experts to find solutions to build protected networks, operating policies and train staff appropriately.

No doubt the lockdown has had a disastrous impact on businesses, many are now thinking about business recovery and resumption and working in the new norm where a significant number of businesses have decided to digitise their operations permanently. The big question here is how can businesses avoid a cybersecurity crisis after lockdown?

Security cannot eliminate all risks. Risks, like solutions, will change every day because cyber criminals too are ceaselessly innovative and adaptive. This makes it imperative to discuss risk early and often, and revisit triage on a regular basis.

Most experts agree that we cannot protect ourselves from everything, but we can surely start thinking about assessing potential risks and defences for future proofing ourselves as best as we can.