COVID-19: 5 Cybersecurity Risks You Need to Consider
Remember when we said that cybersecurity is important? Well, now is the time to listen.
As you are probably reading this from your basement, kitchen table, or makeshift office I don’t need to tell you that COVID-19 has changed the way we work literally overnight. Not only do many of us have new, louder, messier and more energetic co-workers (i.e. our kids), we also have to rely more heavily on technology than ever before. In fact, our IT infrastructure is now probably more important than our physical locations.
Over time the network edge, or the defensible point between the outside world and your network, has been slowly evaporating. This reality has never been more apparent than now as most of us have no choice but to access data and systems from our mobile devices or personal computers over whatever internet connection is available.
The risks of using cloud services and mobile computing are no different than they were before COVID-19, but the number of organizations now solely reliant on them is a significant change. For some organizations that were not already set up to work remotely they have had to scramble to develop the infrastructure quickly. Because of this accelerated timeline, security may well be a “future step” as maintaining business continuity and access becomes the priority.
As you might imagine all of these developments have serious implications for our ability to effectively manage cyber risk. Without going too far into detail, here are the top 5 issues that I have been emphasizing that could have serious impacts for most organizations:
- Cybercrime is the first area where we will more than likely see increased criminal activity. The areas of concern are Social Engineering, Funds Transfer Fraud and Invoice Manipulation Fraud, a new technique where criminals intercept and manipulate electronic invoices. Over the past couple of months, during normal conditions, PSA was already seeing a spike in cyber insurance claims from cybercrime. In the current environment we anticipate that this will not only continue, but get worse. We are already seeing this trend grow with new phishing scams designed to take advantage of people during these stressful times.
- Second, and perhaps more relevant than ever is the issue of cyber triggered business interruption. As more organizations shift to working remotely the technology infrastructure is now critical to business operations. If a cyber event or a mistake takes out essential communication systems or applications, businesses won’t be able to operate. This should not be a new issue or concern for most businesses, but when we are solely reliant on technology with no plan C, an extended interruption could result in a significant loss of income during the time of disruption.
- The other related issues to consider is contingent business interruption related to outsourced IT service providers and cloud service providers. If a major provider of cloud services that businesses rely upon is either hit by a cyber-attack or an extended disruption it will have ripple effects across all businesses leveraging those platforms. The good news is that cloud services are reliable and are built to be redundant. This is not a likely scenario, but considering the current unlikely situation we are going through right now I think it has to be considered.
- Credential theft is the next issue on this list that is not new but will undoubtedly become more significant in the coming weeks and months. As more employees work remotely on potentially insecure devices and home networks criminals will be able to more easily steal credentials and access business systems and resources. Unfortunately, during times such as these organizations are sometimes forced into putting operations and stability ahead of security. This could mean standard protections such as Multi-Factor-Authentication may not be enabled in all instances and logging in remotely systems and cloud resources over unsecure internet connections are going to be more common. We will also be more likely to break rules like sharing passwords and following email or phone instructions to troubleshoot IT and log in issues leading to more effective phishing campaigns by bad actors.
- Under normal circumstances detecting incidents and responding to them is difficult. Even if your organization has an incident response plan that guides your actions during a cyber incident, it would probably not work exactly as planned right now. If you have not already done so make sure everyone in your organization knows who to contact if they suspect a breach or compromise. Establish criteria for IT to evaluate cyber events vs. incidents and designate a point person on your leadership team to act as the incident response team lead so IT can escalate issues quickly. If you have a cyber insurance policy you can also check out this quick video PSA prepared to help walk you through the steps of how to respond using your cyber insurance policy.
The conditions are set for a significant spike in cybersecurity incidents so it is important to consider these issues, as well as others that are not new but could have amplified impacts on business under the current conditions. If you would like more information on these or any other concerns please contact Mike Volk at email@example.com.
Need more COVID-19 resources?