CYBERSECURITY IN AN UNPREDICTABLE WORLD:

As the world’s attention is consumed by the impacts of COVID-19, cybercriminals have seized the opportunity. TechRepublic paints a vivid picture of the COVID-19 pandemic [1] as “a breeding ground for phishing scams [2], skimming attacks and a host of other cybersecurity nasties” grimly seeking to exploit the situation.  

As IT and HR teams adapt to the new normal of remote working and dispersed teams, cyber-security must be a top priority. From March through to May, IBM X-Force observed a greater than 6,000 percent increase in coronavirus-themed spam [3]. Cybercriminals are using the coronavirus outbreak to drive their business, with virus-themed sales of malware assets on the dark web and even virus-related discount codes, malicious domains and ransomware. 

This is clearly a concern at a time when remote workforces are relying on digital, mobile platforms to interact. In this year’s annual Ponemon Institute and IBM Security Cost of a Data Breach Report, 2020, a full 80% of breached organizations stated that customer personally identifiable information (PII) was compromised far more than any other type of record [4]. While the average cost per lost or stolen record was $146 across all data breaches, those containing customer PII cost businesses $150 per compromised record. In total, this amounted to an average cost of $5.52million (€4.68m) at enterprises of more than 25,000 employees, and a crippling $2.64 million (€2.24m) for small organizations under 500 employees. 

Increased risk working from home

How do these attacks occur? With employees accessing corporate networks via personal devices, hackers can probe Wi-Fi configurations and VPN connections for vulnerabilities. As people congregate on cloud-based productivity platforms, malicious actors can hack in, even disrupting live meetings. In a recent online poll by Threatpost, 40% of respondents reported increased cyberattacks as they enable remote working [5]. 

You’d think, then, that most organizations are mobilising their IT systems to fight back. However, our research has found that the vast majority of organizations we surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all. Even those that are on the ball are being stretched to the limit [6]. 

So, to help get up-to-speed, here’s a checklist from IBM of what you should already put in place:  

• A crisis command centre, with cross-functional members, to proactively track operational health and risk metrics, including employee, client, partner, and third-party-supplier risks
  
  
• An incident response playbook based on live-simulation exercises that test organizational preparedness 
  
  
• Virtual cyber-incident reporting and response, including a preferred set of forensic tools that are remotely deployable, with clear chain-of-custody rules for digital evidence
  
  
• Security for the growing remote workforce, including unified endpoint management for mobile devices and laptops, as well as identity and access management to safeguard users, applications, and data  
  
  
• Access to remote and virtual security experts and analysts who can rapidly extend the security team capacity or make specialized skills and subject matter expertise available on demand. 

With such protocols in place, displaced workers can use the secure equipment and maximize digital safety. The European insurer Zurich has, since the pandemic lockdown, established a dedicated hub as a business resource to manage day-to-day operations when navigating the growing risk associated with COVID-19, monitor threats across entities and launch local and group-level responses [7]. 

Deeper visibility into suspicious activity is needed

As organizations have shifted to incorporate remote work and more disconnected, hybrid multicloud environments, a zero-trust strategy can help protect data and resources by making them accessible only on a limited basis and in the right context [8]. 

Security tools with the ability to share data between disparate systems can help security teams detect incidents across complex hybrid multicloud environments [9]. We find that Unified endpoint management (UEM) [10] and identity and access management (IAM) products and services [11] can help provide security teams with deeper visibility into suspicious activity on company and bring your own (BYO) laptops.  

In times of crisis, effective threat remediation comes down to the ability of individuals to work together on complex problems. Cyber-resilient organizations therefore operate in a continuous cycle of discover, learn, adapt and iterate. As more workloads and users move to cloud operations, accelerated by the current work-from-home requirements, cybersecurity resilience will evolve from a baseline requirement into a driver of a competitive advantage. 

To help IT Security Leaders prepare for the future trends and to better understand where new threats are likely to come from, IBM together with CorporateLeaders are hosting a live and interactive chat with futurist Richard Van Hooijdonk and cybersecurity expert Maxwell Keyte, Security Leader BeNeLux, IBM. Register here, join us, and get prepared. 

Watch the debate

IBM and CorporateLeaders are hosting the Cybersecurity in an Unpredictable World live-streamed discussion on 30th September at 16:00. Discover the cybersecurity challenges businesses will need to protect against now and in the future with our panel.  Led by Richard Van Hooijdonk, futurist and trendwatcher, and Maxwell Keyte, Security Leader Benelux, IBM, moderated by Virginie Claes, former Miss Belgium and TV presenter, we will discuss how to protect your people, IPs and data in the company of the future. 

[1] Microsoft says the pandemic has changed the future of cybersecurity in these five ways, Tech Republic 
[2] Phishing: Why remote working is making it harder for you to spot phoney emails, ZD Net  
[3] The COVID-19 cyberwar: How to protect your business, IBM
[4] Security Cost of a Data Breach Report, 2020, IBM
[5] Coronavirus Poll Results: Cyberattacks Ramp Up, WFH Prep Uneven, Threat Post
[6] IBM Study: Security Response Planning on the Rise, But Containing Attacks Remains an Issue, IBM
[7] Coronavirus (COVID-19) Resource Hub: Transitioning back to the workplace, Zurich
[8] A zero trust strategy needs context-based security, IBM
[9] IBM Cloud Pak for Security, IBM 
[10] AI meets unified endpoint management (UEM), IBM
[11] Identity and access management (IAM) solutions, IBM