The COVID-19 pandemic has accelerated the amount of digital transformation by at least two years. Now that remote work is no longer an option but a necessary protocol to ensure the safety of employees, more companies are choosing to transform their businesses to adapt to the situation and protect their data. Cybersecurity is given the recognition it deserves in facilitating a safe and productive remote environment.
Today, the cloud is everywhere in the new normal. Not only does it detect potential threats, but it also serves as an avenue to enhance productivity and collaboration by making resources accessible everywhere at any time. It has become a security imperative in a remote working environment that you can easily deploy on top of existing infrastructure.
We now have the largest remote workforce in history. Teams had to learn how to scale Virtual Private Networks overnight. Companies were reminded that security technology is about improving productivity and collaboration while also enhancing end-user experience. This is where digital empathy comes in. During a pandemic, the foundation of digital empathy is security. With this, there is a need to maintain cyber resilience to support operations. Risk thresholds must be regularly evaluated to develop comprehensive cybersecurity strategies and make a wide range of contingencies simpler.
To gather and understand more insights about the current pandemic threat landscape, Microsoft recently concluded a survey of nearly 800 business leaders with more than 500 employees. They wanted to understand their views on security budgets, staffing, and cloud-based technologies and architectures. However, Microsoft found out that several companies are still impacted by phishing scams and other cybersecurity issues.
Security and IT teams have always worked hard to meet business goals and, at the same time, stay ahead of new threats and scams. Security leaders want to provide safe remote access, but it’s not as easy as it sounds. Cybercrime schemes are also evolving to keep up with advancing technology. Moreover, IT security leaders and teams have to work with company-managed devices, physical access to buildings, and restricted remote access to select line-of-business apps, which makes the job more difficult because of the limitations. As such, when asked what the top security investment was during the pandemic, the answer was Multi-factor authentication (MFA).
As such, in a way, pandemic security risks are somehow the same as before. Anti-phishing technology is still identified as the best security investment before and during the pandemic. In early March, cybercriminals employed pandemic-themed lures to scams and malware to victimise people. Within the same timeframe, business leaders reported that phishing threats were the biggest risk to security. 90% admitted that phishing affected their organisation. More than half said clicking on phishing emails was the highest risk behavior they observed. 28% admitted that attackers had successfully phished their users. It’s also interesting to note that organisations with mostly on-premises resources reported higher numbers of successful phishing attacks than those organisations who are more cloud-based.
Due to the increase in remote work needs, the role of cybersecurity has also increased and expanded. The pandemic has affected security budgets and staffing in 2020. Critical new capabilities such as MFA and Zero Trust strategy have been enabled to adapt to the business implications of the pandemic. The majority of business leaders reported budget increases for security (58%) and compliance (65%). As a result, there’s pressure to lower overall security costs (81%). Leaders are working to enhance integrated threat protection and lessen the risk of breaches to combat the pressure and rein expenses in the short-term. In the long-term, 40% of businesses say they are prioritizing investments in cloud security and anti-phishing tools (26%).
All in all, the numbers just go to show how the pandemic has served as a catalyst for digital transformation in many organisations. As a result, it’s highly likely that security paradigms in the future are also changed forever.