In mid-April, ISACA surveyed more than 3,700 IT audit, risk, governance and cybersecurity professionals from 123 countries to assess the impact of COVID-19 on their organizations. The results may shock some readers.
51% of technology professionals and leaders surveyed are highly confident that their cybersecurity teams are ready to detect and respond to the rising cybersecurity attacks during COVID-19, while only 59% say their cybersecurity team has the necessary tools and resources at home to perform their job effectively. Worse, 58% of respondents say threat actors are taking advantage of the pandemic to disrupt organizations, and 92% say cyberattacks on individuals are increasing.
With the increase in people working remotely, this increase in cyberattacks on individual could have consequences on organizations as a whole. An employee at home who opens a bad attachment still has the potential to unleash malware on the entire network. While 80% of respondents said their organizations shared cyber risk best practices for working at home as shelter in place orders began, 87% of respondents still say the rapid transition to remote work has increased data protection and privacy risk.
With cyberattacks on the rise, and only half of the organizations surveyed feeling confident in their ability to respond, one starts to wonder how an organization will come out of COVID-19 unscathed. ISACA CEO David Samuelson. Says, “A surge in the number of remote workers means there is a greater attack surface. Remote work is critically important right now, so security has to be at the forefront along with employee education.”
Even after COVID-19 is over and things return to “normal” it is likely that having a remote workforce will be a big part of the new normal. Increased security measures around remote work as well as employee education around safe remote work practices are be critical: now and in the future.