Does ‘Long COVID’ exist for cyber security?
It is nothing new to hear the pandemic has had an effect on many company’s risk posture. In fact, much like the impact on the world generally, it has torn through the sector turning established models upside down.
Also, much like COVID-19 itself, some are now starting to analyse its lasting impacts on cyber security across the board. One such piece of research was released recently by Microsoft – who took a deep dive into the effects of the pandemic from a budgetary point of view.
Looking at the numbers from a distance shows that most companies have either increased or plan to increase security budgets.
Interestingly, it also uncovers something of a dichotomy in the fact that, while 58% of the 800 senior security staff questioned said they were planning on increasing budgets, 81% also felt pressure to lower costs. This points towards an almost begrudging recognition of the problem by those who hold the purse strings.
Diving into the detail about people’s investment illuminates some interesting trends as to where they see risk coming from. It is no surprise that the majority of budget is being outlaid to negate risks occurring ‘at a distance’ from the perimeter.
This means tools such as VPNs, endpoint protection and MFA have become more in demand, as has securing the biggest remote vulnerability, the people themselves, with education and anti-phishing tools.
Phishing, in fact, was singled out for special attention by Microsoft, who highlighted that their Threat Intel Teams had seen a big spike in COVID-19 inspired attacks. This was proven by the fact that 90% of business leaders said phishing was the biggest risk to security at the moment, with up to 39% of them having been on the receiving end of a successful attack.
What can be done to protect the enterprise from cyber security threats during the pandemic?
As mentioned, the fact that COVID-19 has changed the cyber security landscape is not news to any competent security team. However, what now needs to be on their minds is how they adjust strategy in the long-term to take into account a shifted threat landscape.
The solution to this problem needs to be a fusion of people and technology. Both have moved further outside a nicely definable technology perimeter and protection needs to be bolstered accordingly.
From a human perspective, this means regular training and continual communication to make people aware of emerging threats such as new phishing techniques.
From a technology perspective, there is a need to level up across the board, investing diversely in multiple layers of security. With risk across the threat spectrum rising, isolated point product solutions are insufficient.
This means investing in security solutions that integrate multiple capabilities into a single platform capable of taking a view of threats and attacks in context and reacting at machine speed before they enter the kill-chain. In a world of multi-channel attacks, taking an all-encompassing view is critical.
Given the specific problem highlighted with phishing, it is important that a layered security solution features a progressive email component which contains a full stack of capabilities. These include everything from AV analysis on all emails and checks on both sender and sending server, to more advanced functions such as tracking executive names in address fields.
By taking a rounded view of the risk presented by the shifted landscape, security teams can help their organisations remain flexible and secure regardless of whether the cyber criminal’s targets lie inside the perimeter, or not. This kind of agility is crucial to addressing the threat posed from an uncertain world.