Linkedin
Facebook
Email
more
Organisations are becoming increasingly confident in their current security measures to safeguard both their company and customer’s data, despite the consistent rise in data breaches and other cyber incidents.
Cyberattacks evolve an attempt to expose any weakness in an organisation’s IT controls, which has become increasingly evident this year during the COVID-19 pandemic. All organisations must be careful not to allow over confidence in their existing controls to create vulnerabilities to evolving threats.
Early 2020 is a prime example of how quickly threats can change and take advantage of vulnerabilities.
As COVID-19 spread across the world and became a global pandemic, cybercriminals deployed persistent campaigns that capitalised on the uncertainty and fear related to the coronavirus and, in some cases, reduced cybersecurity measures because of the surge in employees working from home.
The coronavirus pandemic has made countries across the world more vulnerable than ever to a serious cyberattack due to the increased attention paid to the global crisis. These vulnerabilities extend to small to medium enterprises, where protections are simply not able to reach the level of government organisations or large international businesses. However, the reality is that nearly every organisation is at risk.
In the response to the COVID-19 pandemic, organisations have been forced to rethink how they manage their entire workforce.
Where organisations had robust security controls when working within the office, now have potential weaknesses and vulnerabilities due to the shift to remote working. As the coronavirus worsened, many organisations were unprepared for this transition and the rush to accommodate remote working soon became a higher priority than security.
So while most small to medium enterprises appear to be confident in their existing controls, such as regular cyber security assessments, cyber insurance policies, employee training and dedicated resources to manage cybersecurity – an entirely remote workforce is a very different organisation to manage.
It is important for organisations to reassess their current cyber security posture in these unusual circumstances to ensure they are both identifying and managing the cyber security risks to their business.
Malicious attackers are leveraging this transition period to strike, knowing that remote working has led to potentially strained IT resources and a shift in focus to assisting employees to adjust, rather than implementing and enforcing the necessary security controls. Even with a prior focus on implementing cyber security protections, it is difficult for organisations to stay ahead of the latest attack methods.
The COVID-19 pandemic has caused several cybersecurity challenges for many organisations, but it emphasises how quickly malicious attackers can strike and adjust their strategies to take advantage of potential vulnerabilities.
Small to medium enterprises must be confident in their security posture and ensure they are ready for any scenario by proactively communicating the risks, emphasising where attackers may be lurking, and adjusting security policies as necessary — especially in an extended remote working scenario.
HOW CAN RSM HELP?
Do you need an independent assessment of your cybersecurity posture and maturity? We can assist, contact your local RSM advisor.
This article was adapted from an article published on the RSM US website on 14 May 2020.