Almost half of the North American organizations polled have suffered a data breach via a third party in the past 12 months.
The global shift to remote working amid the pandemic brought on a spike in cyber-attacks, raising serious questions about cybersecurity and forcing companies to review their digital resilience strategies and practices.
Cybersecurity has long been understood to be an important corporate priority, but in the rushed implementation driven by the pandemic, systems for remote workers were found lacking. Staff—unwittingly or otherwise—put corporate data at risk, in some cases by circumventing cumbersome procedures, in other s because remote-working security procedures had not been established in the first place.
Personal devices and Cloud deployments offer rich opportunities for attackers to insert any of the many types of malware—ransomware, adware, spyware, viruses, remote access trojans. Analysis firm Forrester predicts employees will be responsible for 33% of breaches throughout this year. And bad actors are devising increasingly sophisticated methods of attack.
Research jointly published by the Ponemon Institute and SecureLink in May further serves to underline the value of cyber defenses: Almost half of the North American organizations they polled, including financial institutions, have suffered a data breach via a third party in the past 12 months.
Cybersecurity is not just about malicious actors of course, but about continuity, availability, compliance and reputational risk management. Some three years after Europe’s General Data Protection Regulation in Europe came into force in May 2018, security professionals report that in the event of a serious data breach, they are more worried about class action lawsuits than regulatory fines.
The pandemic appears to have been a catalyst for a change in attitudes to remote working, with some firms having already declared their intention to make either a remote or at least hybrid/flexible approach to work a permanent feature. Although investment banks, including Goldman Sachs, want to see their traders back at desks as soon as possible, commercial banks are keen to harness the savings involved with swathes of the workforce working from home.
But without the right cybersecurity, it could turn out to be a false economy.