The Post-Covid Cyber Security Challenge

Uploaded on 2021-07-12 in TECHNOLOGY--Resilience, FREE TO VIEW

The social changes, economics, and strategic implications brought on by COVID-19 have changed the work environment significantly. Remote work, once expected to be the future, is now our new reality. Most organisations have been through a lot of changes over the past eighteen months and there is now a heightened cyber security risk. 

Even as we move into a ‘new normal’, the landscape is anything but certain. Organisations need to keep up with this evolving threat landscape, as there are several cyber security trends that are emerging from this new post-pandemic era.

Ransomware has been a key adversary for quite some time and there is no sign of this changing. As a result, we expect to see new initiatives released and developed to counteract this threat. There are several initiatives in development because of collaboration between governments, industry associations, businesses and vendors.

The proposed extension to Know Your Customer (KYC) transparency rules in financial transactions is an excellent example of what can come about as an outcome of this collaboration. 

KYC currently does not include crypto currency transactions but attacks against crypto currency payments are a favourite of ransomware attackers because they are untraceable. Therefore, extending KYC rules to include crypto currency payments is a matter of importance as it will act as a strong deterrent. Collaboration in the development of these initiatives is vital, any organisation that is at risk of becoming the next victim of a ransomware attack will benefit from new initiatives, so it is important that they are supported where possible.

Cyber security needs to become front of mind for all employees, not just those who work in IT. This change needs to spread to the rest of the business so that all employees prioritise security and collaboration, whatever their level and role. 

The natural result of this is that teams will become more open and better at information sharing which will make it easier to spot when there has been a cyber security issue, as everyone will know what is and isn’t normal across the company. The next step of this repositioning of security within the organisation is to acknowledge the impact that working from home has had. At the height of the pandemic, almost all workforces became remote and now, even as companies are gradually starting to return to offices, there will still be a vast network of remote employees.

This rapid and huge shift to remote working at the onset of lockdown restrictions would not have been possible without VPN architectures, but the security governing VPNs is not as strong as it needs to be for the heavy reliance placed on these systems to connect employees to vital applications placed organisations.

Organisations have therefore turned to software-defined wide area networks SD-WANs. These systems now come with integrated security controls, delivering almost the same level of security to remote workers as the head office. These combine network and network security into a single cloud service that is both secure and able to provide the level of connectivity needed to run devices at the edge.

Due to the sudden switch to remote working and cloud service adoption, certain principles of cyber security best practice had to be temporarily overlooked for many organisations. Now that cyber security teams have overcome those earlier challenges in the peak of the crisis, there’s an opportunity to learn from the pandemic to improve cyber security posture long-term.
To succeed in the post-COVID-19 era, technology providers must rethink their strategies and offerings to accommodate a new security landscape.

Human error is an issue of concern. Prior to the pandemic, human error was already a major cause of ‘cyber insecurity’: employees would unknowingly or recklessly give access to the wrong people With home working, the problem is even greater. When they work from home, employees may be interrupted in the work they are doing by family members or social visitors. While the future remains uncertain, organisations are embracing the new normal, and now is the time for CISOs and IT managers to start thinking about how they will continue securing their teams while working remotely. 

In that future, cyber security will be ever more important and the companies that can react quickly to address the changing security demands of the market will ultimately be successful.

Organisations should consider conducting a strategic and tactical IT and cyber security risk assessment. They should identify an enforcement mechanisms, such as multi-factor authentication, single sign-on, and automatic logout from unattended devices. Organisations should also consider blending new cyber security investments with enhanced cyber insurance coverage to reduce their retained risk, optimise spending relative to protection, and conserve resources.

 The post-pandemic recovery and preparation period presents the opportunity for companies to rebuild to a new normal, with enterprise resilience as a pervasive goal.

Marsh:       Deloitte:    BluVentureInvestrors    Govtech:       BrightTalk:     Information-Age:   

You Might Also Read:

Managing Cyber Security As Office Work Resumes:

 

« India’s New National Cyber Security Strategy
Biden Warns Putin The US Will React To Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Gamma

Gamma

Gamma is a leading provider of Unified Communications as a Service (UCaaS) into the UK, Dutch, Spanish and German business markets.

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Galois

Galois

Galois specializes in the research and development of new technologies that solve the most difficult problems in computer science.

Protenus

Protenus

Protenus provide a solution to proactively monitor and protect patient privacy in the electronic health record (EHR).

ECOS Technology

ECOS Technology

ECOS Technology specializes in the development and sale of IT solutions for high-security remote access as well as the management of certificates and smart cards.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

StrataCore

StrataCore

StrataCore is a single-source technology lifecycle advocate that works behind IT teams as a strategic partner to help them achieve peak enterprise outcomes.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

Anatomy IT

Anatomy IT

Anatomy IT empowers healthcare providers to deliver exceptional patient care with cutting-edge technology and cybersecurity solutions.

Kivera

Kivera

Kivera enforces your organisation governance and security policies across cloud deployments preventing misconfigurations turning into attack vectors.

L&T Technology Services (LTTS)

L&T Technology Services (LTTS)

L&T Technology Services Limited (LTTS) is a global leader in Engineering and R&D (ER&D) services.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.