Cybersecurity & COVID-19: Negative & Positive Impacts

“If there’s silence, it’s working. If somebody’s screaming, it’s already too late.”

-Dima Zodek, CEO @ Gunbrig Security, DeepDive Technology Group

What is cybersecurity, and why is it so important?

Cybersecurity has never been a buzzword. Still it is one of the most important components for virtually all enterprises today. Cybersecurity is one of the three pillars your IT environment stands on. There are usually no technological breakthroughs when we talk about security. News stories on this topic mostly cover cyber attacks and huge money losses. But such assaults entail not only money, but more valuable things as well. Such as:

  • Downtime
  • Data
  • Reputation
  • Customer relations

Money is one key metric, of course. However, it takes much more than money to restore trust and customer loyalty.

So, it’s understandable why cybersecurity is important, now let us define what cyber security actually is.

Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cybersecurity may also be referred to as information technology security [1].

In simple words, cybersecurity is something that protects your IT environment, and all the data it holds. If there are breaches, there are losses. Cybersecurity is not only relevant for IT departments; it protects the entire company, through every single department, and thus supports the overall business function of the company, and the customers it represents. Cybersecurity stands for the business. 

Cybersecurity And The COVID-19 Crisis

The recent Pandemic that began in 2020 brought attention to the concept of “remote work” to absolutely unforeseen levels.  Employees worldwide started to work remotely from home (some for the very first time), with essentially no proper protection from a cyber security standpoint. This made the organization’s data more vulnerable than ever. If an IT administrator or cybersecurity provider doesn’t pay enough attention to identity management in remote workspaces, hackers will be able to steal information and then blackmail the owners for ransom.

Statistics speaks for themselves:

  • Cybercrime Up 600% Due To COVID-19 Pandemic [2]
  • Between February and May of 2020, more than 500,000 individuals globally were affected by cyber-attacks on video conferencing services alone [3]
  • 35% of recently reported cyber-attacks saw hackers using new & previously-unseen malware, or hacking methods [3]

It is obvious that the Coronavirus gave new opportunities for attackers. But the problem is not in COVID or any other crises. It only shows us that most of the businesses were simply not ready in such quick-shifts in how we work, relying on standard protection methods when remote-from-work policies require companies to develop entirely new ones.  In any company – now increasingly common in the post-pandemic era – there will always be some person or team working remotely, under some circumstances. Remote work may look like a home-office setup, a local coffee bar, a cross-continent business trip, or an across-the-world honeymoon with periodic email checks.  The new work-from-anywhere era raises the question: what are appropriate cyber security practices, policies, and identity management?

Dima Zodek, CEO @ Gunbrig Security, a member of DeepDive Technology Group, shared several key insights as to where the work-from-home cybersecurity challenges lie. From using personal laptops at home, to security weaknesses in home-based IT infrastructure, to WIFI router security limitations. “The whole home setup is vulnerable,” shares Dima. “With all the files that the average employee downloads from the internet that are not monitored by IT administrators, we’re downloading nasty backdoors for hackers, into our computers, and we don’t even know it!” Dima strongly believes that most enterprises are ill-prepared to address the red-flags which the work-from-home movement has created. “It’s not enough to put HTTPS; you cannot rely on SSL certificates; a better way is to protect with VPN channels.” Dima emphasizes the importance of securing your employee’s communication channel with the backbone of your organization’s core services. “Even though we’re going ‘back to normal,’ many employees, teams, and companies will continue working from home, so it’s important that we address the red-flags from a security standpoint,” adds Dima. 

The Good News

It’s not all “gloom and doom.” Security is improving! The global pandemic pushed not only hackers, but faster digital transformation as well.

Enterprises globally far better understand that their systems have weak points. And by simulating attacks and penetration testing, it’s easier to identify them. Knowing the problem is the first step to improving cybersecurity measures.  Companies started paying far more attention to identity management and applying new technologies and tools to reinforce security. Security officers turned from usual tasks to establishing secure connections for remote workforces. This is just the beginning.

Some of the most notable cybersecurity changes caused by COVID-19:

  • Next-generation identity and access controls. Businesses that had not done it earlier are swiftly adding MFA (multi-factor authentication).
  • Cybersecurity awareness. Companies started to educate employees about the basics of cybersecurity, i.e. how to protect themselves from phishing or reducing risks such as during video conference calls.
  • Cloud. Clouds give employees remote access to necessary networks and files. But this is not the only reason for its growing popularity.  Threat-protection controls and cloud-based data leakage prevention has motivated many companies to use this technology.
  • Artificial Intelligence. AI and Deep Learning take the ground. They study the environment and detect any suspicious activity in real-time.
  • Blockchain Cybersecurity. Nowadays it’s impossible to miss the blockchain if we’re talking about cybersecurity. Blockchain creates an almost impenetrable environment for enterprises and their data, and blockchain’s smart contract mechanism won’t allow any transaction that doesn’t meet the requirements to be processed.

There’s certainly been a lot of buzz surrounding the topic cybersecurity over the past two years. The reason for the buzz is simple: there’s been increasing attacks! But every cloud has a silver lining. Enterprise executives now far better understand that security threats are real, inevitable and closer than they appear. It made executives review their cybersecurity policy and accelerated the speed of new protection methods adoption.

In the world of cybersecurity, we say it’s not “if” you’ll be hacked or breached, it’s “when.”

-Dima Zodek, CEO @ Gunbrig Security, DeepDive Technology Group

Conclusion

Cybersecurity is an essential pillar for any and every enterprise. Without it enterprises cannot operate, or run the risk of not operating much longer. Not only are enterprises faced with financial loses when hacked, but business downtime, data loses, complete reputation loses, and customer-relation loses are pains which enterprises are experiencing today – at an accelerated rate.

Cyber-attacks existed for a long time, and they certainly aren’t going anywhere. The encouraging news is that there are new ways of protecting enterprise systems  appearing every day. It’s a never-ending cycle between hackers exposing weak-points, and enterprise technology vendors patching them. Smart enterprises work hard to stay ahead. 

Dima Zodek, CEO at Gunbrig Security, a member of DeepDive Technology Group, says it best: there is no “if” in cybersecurity, only “when.” It’s not “if” your enterprise will be breached, it’s “when.” And companies must prepare adequately. COVID-19 has taught enterprises they have to be ready for unforeseen situations. Preparation means doing things to reduce the risk of being compromised in the first place, and “when” your enterprise “is” compromised, ensuring that you & your business departments are best-prepared to handle the disruption with minimal losses, downtime, or reputation-hits.

So, keep your eyes on the ball and always be ready for the next crisis.

“If there’s silence, it’s working. If somebody’s screaming, it’s already too late.”

References

Thanks to Dima Zodek, for his ongoing thought-leadership on the topic of enterprise cybersecurity.

Dima Zodek, CEO @ Gunbrig Security, DeepDive Technology Group

  1. What is Cyber Security? Definition, Best Practices & More, – https://digitalguardian.com/blog/what-cyber-security
  2. 2021 Cyber Security Statistics The Ultimate List Of Stats, Data & Trends, – https://purplesec.us/resources/cyber-security-statistics/
  3. Impact of COVID-19 on Cybersecurity, Deloitte, –  https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html