Risks of virtually all types have exploded in 2020, courtesy of the COVID-19 pandemic and the brutal recession accompanying it, and—yes—the list absolutely includes substantially heightened uncertainty in the corporate cybersecurity landscape.
Resources are strained in organizations’ Security Operations Centers (SOCs) as corporations have virtualized their workforce. Millions of new remote workers face heightened cyberattacks outside the corporate security perimeter, requiring markedly more help. And supply chains, increasingly reliant on third-party support, are being targeted by skilled hackers while companies are consumed with chronic transportation restrictions and, according to Symantec, have already had to cope with a 78 percent increase in supply chain attacks in pre-pandemic 2019.
Making matters still worse, phishing and ransomware attacks have also spiked, using COVID-19 as bait to impersonate brands, misleading both customers and employees, according to Deloitte’s Cyber Intelligence Center.
Despite all these ballooning risks, unfettered corporations keep driving to digitize their businesses and maximize the Internet as much as possible, almost as if cyber-risks were receding instead of growing and cybersecurity governance were on a holiday. This sparks a key question: Is corporate risk management truly up to the task of relentlessly pushing into an online world never more awash with danger?
The answer is maybe, maybe not. Yes, substantial improvements in cybersecurity in recent years offer hope. Yet there was already considerable room for further improvement pre-pandemic, and there is obviously materially more now; the challenges today and in the future are daunting.
To help cope, companies need more of their existing employees to join the fray by adopting a more holistic organizational approach: a concerted commitment, ranging from the leadership to rank-and-file employees, to establish and execute a plan that addresses cyber-risk management from all corners of the organization. This includes the creation of a serious cybersecurity strategy, one that also includes an assessment of risk tolerance so that resources are invested in the best places to mitigate the pain from select cyberattacks.
A holistic approach helps bury this mindset by underscoring that cybersecurity can no longer remain an afterthought in big strategic decisions about the likes of business models, product mix, M&A and digital strategy. That’s why corporations are starting to come to terms with the reality that they must view data security as an overarching business problem, not just an IT problem. Some companies have adopted this mindset, but mostly only piecemeal. That’s why cyber-knowledgeable rank-and-file employees must also be in the mix. Every corporate employee has to join the cyber-fight to mitigate risk wherever it exists.
It’s important that employees understand the need for vigilance. Security Awareness Training provides users with ongoing education, teaching them what a suspicious or malicious email looks like, what kinds of tactics and social engineering are used, and how to avoid becoming a victim and, in turn, their employer’s organisation becoming a victim, COVID or otherwise.
With thanks to the Cyber Defence Alliance and Security Boulevard. The full story is here: https://securityboulevard.com/2020/08/the-covid-19-pandemic-and-other-issues-are-stressing-corporate-cyber-risk-management/
Free Ransomware Simulator Tool
Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?
KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 18 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here’s how it works:
- 100% harmless simulation of real ransomware and cryptomining infections
- Does not use any of your own files
- Tests 19 types of infection scenarios
- Just download the install and run it
- Results in a few minutes!