The Covid-19 pandemic has upended normal office life, leading to the majority of businesses sending their employees to work from home and resulting in heighted cybersecurity threats. As restrictions are lifted and organisations are planning for long-term recovery and a return to the office, companies and employees should still be aware of potential cybersecurity issues in this time of transition.
One of the major concerns of employees working from home en masse stemmed from the number of devices, the potential that people might use personal devices and the likelihood of insecure wireless networks. Each of these provided points of entry for cyber attackers and could have been the cause of a major data breach. This threat was then intensified by employees that may not have had adequate cybersecurity training; all it takes is one person not spotting one phishing email or text to grind operations to a halt. Hopefully, most organisations have already put security measures in place to mitigate these concerns, from employee training to endpoint protection.
Furthermore, as organisations enact their long-term recovery strategies, there needs to be serious consideration given to how to optimise their cybersecurity management. A recent survey by Dimensional Research for Sumo Logic revealed that over 80% of cybersecurity professionals are suffering from alert fatigue. A shocking 99% reported that high alert volumes were a significant issue for their security teams.
Clearly, this is not feasible for long-term cybersecurity management. Security teams must have a way to prioritise vulnerabilities to protect the organisation, as well as automate certain mitigation actions for common or known threats. Additionally, these decisions should sit within a larger business strategy, working to build a cyber resilient business.
In conclusion, this time of uncertainty is not coming to an end. Rather, it is going into a transition period, leaving many organisations vulnerable to emerging threats as working styles and expectations develop according to the Covid-19 situation. Organisations should therefore not only be cautious and continue to deploy strong cybersecurity approaches, but also take this time to rethink their management plans. Hopefully, by the time the workforce settles into a ‘new normal’ these changes will leave businesses stronger and more cyber resilient than before.