The Coronavirus Pandemic, Cybersecurity & Disaster Planning

Cybercriminals Continue to Take Advantage of COVID-19 Weaknesses to Attack Your Company

Cybersecurity is a topic that engenders strong feelings throughout the business and technology communities, and for a good reason. Companies are spending a significant portion of their annual IT budgets on cybersecurity, yet still falling victim to everything from data breaches to network outages with little recourse for resolution. The Wall Street Journal recently reported that companies are regularly spending between 5-8% of their IT budget on cybersecurity tools and support — a number that is expected to grow dramatically as we ease beyond 2020. The recent challenges caused by the COVID-19 pandemic illustrate the need for expanded security measures that will help protect company networks, whether they are accessed remotely or locally. This dramatic shift in security needs has been echoed around the world, most recently in the US government’s NIST Cybersecurity Framework. With companies struggling to stay afloat and remote work becoming the norm instead of the exception, it stands to reason that IT leaders will need to step up their cybersecurity practices or risk significant network downtime and expensive data breaches.

Impact of the Coronavirus Pandemic on Cybersecurity

While few of the below threats are new, several are rearing their heads again after years of declining activity, such as DDoS attacks. NIST is encouraging CISOs and other IT leaders to foster a culture of cybersecurity, that includes awareness of the potential threats as well as active protection against the most mainstream cyberattacks. Alvarez Technology Group CEO Luis Alvarez discussed a few of the below threats in his recent cybersecurity update, noting that studies show changing employee behavior can reduce the risk of a security breach by up to 25%.

• Advanced Persistent Threat
• Backdoor Trojan
• Distributed Denial of Service (DDoS) Attacks
• Flooding
• Ransomware
• Social Engineering
• SQL Injection
• Worm

Cybercrime Continues to Rise in 2020

Ransomware is a money-making opportunity for cybercriminals, while phishing and social engineering continue to be top methods of compromising your networks. Nearly half of the attacks in 2019 were focused on corporate environments and eCommerce, in areas where hackers expect to see reduced cybersecurity standards when compared to other types of companies. Retail, financial services, and hospitality were top targets for these hackers — but no business is truly safe. Another form of social engineering that continues to expand is Business Email Compromise (BEC), which is often perpetrated on CEOs or senior executives. Cybercriminals are now actively targeting individuals that are working from home, with the perception that the chain of command may be weakened due to the lack of physical presence in a building. Companies are now losing upwards of $17,000 every minute due to phishing attacks, a staggering sum, even for a large organization.

Providing Secure Options for Long-term Remote Work

Even as states are relaxing their “safer at home” policies, it’s quickly become apparent that remote work will continue to be a challenge for organizations of all sizes. These work from home best practices can help reduce the possibility of an attack while still allowing staff members to be as productive as possible outside the office:

• Utilize multi-factor authentication and Virtual Private Networks (VPN)
• Install advanced security tools and services on any machine accessing corporate networks
• Require staff members and customers to utilize complex passwords or phrases
• Provide ongoing cybersecurity awareness training
• Create structured work from home (WFH) policies and procedures — and enforce them

Protecting your company against external threats is only the beginning — you also must ensure that employees, vendors, and customers are protected against risky activities through ongoing education and operational checks and balances. The professionals at Alvarez Technology Group have years of experience helping companies of all sizes mitigate continuing risk and optimize operations, both of which are particularly important during a pandemic. Contact our IT and business experts at (831) 753-7677 or via email to [email protected] to schedule your complimentary initial consultation. Our team will walk through your current security standards and help recommend best practices from our broad base of experience. You can be confident that your team will receive exceptional support and a truly hassle-free experience with Alvarez Technology Group.