Cybersecurity post COVID-19 “Why nothing will ever be the same”
Written by: Derek Pocoroba
No matter what your views are about COVID-19 and the global issues it caused and for future generations; one thing is for certain, how we do cybersecurity will never be the same post COVID-19.
Phase 1: Panic
Once the reality of the work from home and shelter in place orders came down to the various US states every company, I work with were faced with the same question “how do I get my employees access to the network?”. Now the real answer came down to the level of preparedness that company had. Those who had invested into the IT and had already moved to hybrid cloud environments found the effort minimal. Many, however, who spent years neglecting their IT were in a real tough spot.
During this time, we received countless calls from customers who needed urgent help transferring their business models to adapt to WFH. With this massive explosion of remote workforce and many businesses just “get it done” mentality this now opened pandoras box on insecure remote access/WFH. Threat actors could smell the blood in the water, and it was pretty obvious to many cybersecurity professionals.
Phase 2: Chumming the Water
During this time, we received countless calls from customers who needed urgent help transferring their business models to adapt to WFH. At this phase you had schools and teachers using video conferencing, tele-medicine, families all working from home who had never had to do so. Business had to adapt overnight to change their accounting and business processes. It was this new and strange workplace; things business had been trying to do for years were suddenly forced to happen, and fast t.
The threat actors knew they now had a massive target and attack surface to go after. Whether it was targeting specific COVID-19 news, emails, media, or the business themselves who were going after government-funded programs to help keep their doors open. or the struggling business who were often using insecure and legacy remote infrastructure to get in. We saw a huge uptick in COVID-19 related phishing campaigns, business email compromise, and general account threats to gain access.
Phase 3: Repair
Now that many companies had gotten their foundation WFH under control it was time to go back and “secure it”. Many opened their minds of leveraging the power of software, cloud computing, and rapid deployments happening over days not weeks; awareness training had exploded. Cybersecurity became top of mind for many companies and executives. They saw the big obvious gaps, and most have since tried to reduce their risk by implementing new technology, policy, and process. Things have started to settle out and some businesses are returning to “normal” but a new normal.
Phase 4: The New Normal
No matter what the outcome of COVID-19 will be, it is for sure that our world will never be the same. Many industries are highly disrupted, some will be wiped out altogether or severely impacted. Those who can remain agile, flexible, and adapt will survive and grow, others will not. Will schools ever go back to normal? Will movie theaters make a full comeback? Will retail or sporting events ever be the same? We don’t know, but we do know we cannot go back and view cybersecurity the way we once did.
“We cannot solve our problems with the same thinking we used to create them”
The users now will no longer hide behind highly secure and guarded firewalls. The data will be spread out to support the dispersed workforce. User education becomes critical for a business not to become compromised. Video conferencing will continue to rise and be a target. Identity and privilege will become even more important in your cybersecurity strategy. The cybersecurity industry will have to continue to evolve and come up with new ways to protect users and data. We are professional and business must be open to looking at things different and open-minded. Threat actors are going to continue to exploit the new digital world we are forced to play in and we will be ready for them.