Friday, May 24, 2024

The Importance of Cybersecurity in The Post-COVID-19 World

Many organizations woke up to the importance of cybersecurity when the COVID-19 pandemic struck and shone a harsh light on the state of cybersecurity. The new constellation of home offices on personal networks and devices created more targets for cybercriminals globally.

There were new security threats, and organizations were not fully prepared to tackle these. The number of cybersecurity risks  facing organizations rose in the far more digitally connected and vulnerable landscape. Thus, shot up the demand for cybersecurity solutions.

We believe that there is no going back to the old ways in the post-pandemic world. Will the importance of cybersecurity change further in the new normal? Let us delve deep into this question:

The Evolving Work Environment in the Post-COVID-19 World

In the pre-COVID-19 era, a vast majority of employees worked from the physical office premises. It was easier to secure the LAN and devices used in the physical offices. Using sophisticated technology and cybersecurity solutions, IT security teams avert major security crises and keep tight control on activities.  

The pandemic struck. Organizations of all kinds shifted into a fully remote working model for business continuity in the face of a country-wide lockdown. The workforce is communicating, connecting to business networks, and accessing resources remotely over vulnerable and even, shared network connections and devices.

There has been an increase in the adoption of cloud-based infrastructure and applications, and online collaborative tools.

Moving forward, we believe that some of the features of the pandemic-time work will follow into the new ‘normal’ in the post-pandemic world. For instance, greater use of cloud-based infrastructure, institutionalized remote working, e-learning/ m-learning, etc.

The Security Challenges in the Post-COVID-19 World

  • Even though several organizations do offer secure VPN (Virtual Private Network) to remote workers, the first point of interface for their device (laptop/ desktop, etc.) is the home network – broadband network/ shared wireless network/ mobile hotspot. These home networks and home wireless routers have rudimentary security configurations and traffic encryption.
  • Often, these networks have weak passwords/ unchanged default passwords and hence, little protection against unauthorized access.
  • Home networks also have multiple other devices that are used for a variety of purposes. Some of these may not be updated and as a result, vulnerable to attacks by hackers.
  • All the users of the home network may not be aware of cybersecurity best practices and may engage in insecure and dangerous practices. For instance, clicking on a fraudulent link that downloads malware and compromises the company’s network.
  • It is difficult for IT security teams to fully control and monitor remote activities.
  • There has been a visible shift in attack vectors from enterprise to home networks. Cybercriminals have been leveraging a wide range of social engineering attacks to gain access to business resources. The number of phishing emails, ad frauds, impersonations, etc. has increased and will continue to increase. Overall, new cybersecurity risks have emerged during the pandemic and will have to be accounted for in the post-pandemic era.
  • Given that many organizations were unprepared/ underprepared for such massive disruption, the cybersecurity solutions were quickly pieced together in the response phase of the pandemic. There was no time for a thorough evaluation of the changing infrastructure or complete documentation.

The Way Forward: Cybersecurity Best Practices

  • There is a need to focus on resilience and proactiveness in cybersecurity.
  • We need to understand, assess, and mitigate the cybersecurity risks that appeared throughout the pandemic with tools like Indusface’s  Vulnerability Assessment tools.
  • Haphazard cybersecurity solutions must make way for more formalized, long-term, resilient, and scalable cybersecurity strategies and solutions in the post-COVID-19 era.
  • Real-time risk analysis, always-on surveillance, and full visibility into the full range of devices used are going to be a must. Remote access and BYOD policies must be redesigned with the new knowledge on threats and risks gained.
  • Organizations will have to adopt a ‘zero-trust network’ model where not all devices are trusted. All devices and users must undergo strict authorization processes to ensure that all remotely accessed data, systems, and resources are secure always. This will cause inconveniences to users but protect the organization’s digital infrastructure.
  • Big data, AI-ML, automation, and other futuristic technologies must be applied to further strengthen cybersecurity and infuse agility into the process.

The Closure

The importance of cybersecurity will continue to grow. COVID-19 is not the only disruption that we are going to face. Living in a VUCA world, we must be prepared for all disruptions in the future and their security implications. The importance of cybersecurity in the post-COVID-19 world is undeniable and highlights the need for cyber-resilience.


Latest articles

Hackers Weaponizing Microsoft Access Documents To Execute Malicious Program

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing...

Microsoft Warns Of Storm-0539’s Aggressive Gift Card Theft

Gift cards are attractive to hackers since they provide quick monetization for stolen data...

Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining...

NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers

Zero Trust Maturity measures the extent to which an organization has adopted and implemented...

Chinese Hackers Stay Hidden On Military And Government Networks For Six Years

Hackers target military and government networks for varied reasons, primarily related to spying, which...

DNSBomb : A New DoS Attack That Exploits DNS Queries

A new practical and powerful Denial of service attack has been discovered that exploits...

Malicious PyPI & NPM Packages Attacking MacOS Users

Cybersecurity researchers have identified a series of malicious software packages targeting MacOS users.These...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles