Cybersecurity during Covid-19 and challenges to secure work from home technologies.
The extraordinary efforts of many organizations to protect workers and serve customers during the COVID-19 pandemic have also increased their exposure to cyberthreats.
Large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services all present fresh openings, which cyberattackers have been quick to exploit.
Also Read: Leadership in COVID -19 Crisis
The overarching challenge for cybersecurity teams will be protecting their institutions while enabling operations to go on without interruption. For example, cybersecurity teams at companies that provide web-based services to consumers must adjust their security programs to match scaled-up operations while securing a massive shift to work-from-home tools.
As organizations and people have curtailed travel and in-person gatherings, they have shifted a great deal of activity into the digital realm. Workers and students are staying home, using videoconferencing services, collaboration platforms, and other digital tools to do business and schoolwork. In their free time, they are going online to shop, read, chat, play, and stream. All these behaviors put immense stress on cybersecurity controls and operations. Several major vulnerabilities stand out. Working from home has opened multiple vectors for cyberattacks.
Also Read: Economics : Covid- 19 times
A broad shift toward work-from-home arrangements has amplified long-standing cybersecurity challenges: unsecured data transmissions by people who aren’t using VPN software, weak enforcement of risk-mitigating behaviors (the “human firewall”), and physical and psychological stressors that compel employees to bypass controls for the sake of getting things done. The more that homebound employees struggle to access data and systems, the more they will attempt to use risky work-arounds (exhibit).
Cybersecurity teams will need to secure work-from-home systems and test and scale VPNs and incident-response tools. In addition, they may wish to revisit access-management policies so that employees can connect to critical infrastructure via personal devices or open, internet-facing channels.