COVID-19 lockdowns around the world have led to an increase in some of the most common attack types, but also a realization that businesses must change going forward, according to over 80% of IT professionals polled by Bitdefender.
The security vendor interviewed 6724 security and IT staff in May across the UK, US, Australia/New Zealand, Germany, France, Italy, Spain, Denmark and Sweden, covering all sizes of organization.
Some 86% claimed attacks had increased during lockdown, especially phishing (26%), ransomware (22%), social media threats/chatbots (21%), cyber-warfare (20%), Trojans (20%) and supply chain attacks (19%). In some cases, such as ransomware (31%) and DDoS (36%) the increase in volume of attacks was in the double-digits.
Around a third (34%) of respondents warned that home working employees were too relaxed about security, leading to concerns over phishing (33%) and accidental data leaks (31%). A third claimed home workers aren’t following protocol by identifying and flagging suspicious activity.
Other risks from remote working highlighted by respondents include third parties using corporate laptops and devices (38%) and the use of personal messaging services for work (37%).
Unsurprisingly, half (50%) said they had no contingency plan in place for a scenario such as COVID-19.
However, on the positive side, global organizations are taking proactive steps to improve cybersecurity readiness and resilience going forward.
Over a fifth (22%) said they’ve started providing VPN and made changes to VPN session lengths, 20% have shared cybersecurity guides and deployed pre-approved applications and content filtering, and 19% have updated employee training.
Almost a third (31%) said they intend to keep 24/7 IT support once the pandemic recedes and will increase security training. Even better, 23% said they’re going to increase cooperation with key business stakeholders when drawing up cybersecurity policies, and a similar number will increase outsourcing of IT security functions.
Liviu Arsene, global cybersecurity researcher at Bitdefender, argued that customer loyalty, trust and the bottom line are at risk if organizations don’t get cybersecurity right during the pandemic, and beyond.
“COVID-19 has however presented infosec professionals with the opportunity to reassess their infrastructure and refocus on what end users/employees really need and want in terms of cybersecurity support,” he added.
“It is also evident that, despite identifying risks, there is still a need for further investigation into what investments need to be made to ensure that corporate data and employees are both safe from bad actors. While it’s a challenge to make changes now, it will shore up business for the future and many more unknown scenarios.”