COVID-19 lockdowns across the globe have boosted some of the most common attack types, but also the awareness that businesses must make changes This is according to over 80 per cent of IT professionals polled by Bitdefender.
The security vendor interviewed 6724 security and IT staff across the UK, US, Australia, New Zealand, Germany, France, Italy, Spain, Denmark and Sweden in May.
Some 86 per cent saw an increase in attacks during lockdown, specifically:
· Phishing – 26 per cent)
· ansomware – 22 per cent
· Social media threats and chatbots – 21 per cent
· Cyber-warfare – 20 per cent
· Trojans – 20 per cent
· Supply chain attacks – 19 per cent
Approximately 34 per cent of respondents warned that employees who were working from home were too relaxed about security. This led to concerns over phishing (33 per cent) and accidental data leaks (31 per cent). A third claimed that homeowners care not following protocol by identifying and flagging suspicious activity.
Other risks from remote working highlighted by respondents included third parties who use corporate laptops and devices and the use of personal messaging services for work.
Half said that they had no contingency plan in place for a scenario such as COVID-19.
However, global organisations are taking action to improve cybersecurity readiness and resilience for the future.
22 per cent said they have introduced VPN and adjusted VPN session lengths. At the same time, 20 per cent have shared cybersecurity guides and deployed pre-approved applications and content filtering, while 19 per cent have updated employee training.
31 per cent intend to keep 24/7 IT support once the pandemic recedes and will increase security training. What’s more, 23 per cent said they plan to increase cooperation with key business stakeholders when drawing up cybersecurity policies, and a similar number will increase outsourcing of IT security functions.
Liviu Arsene, global cybersecurity researcher at Bitdefender, believes that customer loyalty, trust and the bottom line will be at risk if organisations fail to get cybersecurity right during the pandemic and in the future.
“COVID-19 has however presented infosec professionals with the opportunity to reassess their infrastructure and refocus on what end users/employees really need and want in terms of cybersecurity support,” he added.
“It is also evident that, despite identifying risks, there is still a need for further investigation into what investments need to be made to ensure that corporate data and employees are both safe from bad actors. While it’s a challenge to make changes now, it will shore up business for the future and many more unknown scenarios.”