Secure Remote Work 03-22-2021

Cybersecurity in the New Normal: How COVID-19 Has Changed Security for Good

Jason Sabin
Security_Blog

It’s been over a year since COVID-19 shut down offices and forced businesses to reimagine new ways of working. However, some of the changes from the pandemic will likely be permanent. As organizations transition into a new normal, it is a key time to reemphasize cybersecurity.

If we learned anything from the previous transition to remote work, and the chaos of it, we should prepare now for the transition to working back in the office and/or remote in the new normal. This also applies to schools and universities that are transitioning from remote learning to hybrid and in-person.

Pandemic put emphasis on cybersecurity

A survey by Fudo Security of a diverse group of senior cybersecurity executives across the United States, Europe, Asia and the Middle East and North Africa found that 42% of CISOs around the world agree that the pandemic has changed their cybersecurity priorities. Partly to blame is the increase in attacks throughout 2020 and attackers using COVID as a hook for their scams. The FBI reported a 400% increase in cybersecurity complaints during the pandemic, and over half a million video conference users had their personal data stolen and sold on the dark web between February and May 2020.

Although there is progress being made with vaccine rollouts, the cybersecurity battle is far from over. Unfortunately, as businesses go back to the office in some capacity, these unique remote problems will remain. To help draw attention to the dangers out there, we’re going to explore the issues that companies must address.

Remote working cybersecurity issues

Seventeen percent of workers in the United States worked from home five days a week prior to the pandemic, according to Statista. This rose to 44% once the pandemic hit, and many of them plan to stay at home in the new normal. One survey found that 43% of full-time employees hope to continue working remotely after the pandemic.

While home working does have its merits, such as lower costs for businesses, this meteoric rise has led to some worrying IT security issues. These include:

  • Cloud transition. Since the pandemic, remote access solutions are preferred, and organizations are gradually moving critical business processes to the cloud. However, increasingly relying on the cloud and creating agility in the cloud could create more vulnerabilities if not properly secured. Microsoft found that 39% of companies are prioritizing cloud security investments >/a> over data and information security or even network security. PKI can help secure the cloud and provide strong authentication and operational integrity at scale.
  • Email phishing. Email phishing during the pandemic skyrocketed. There is an increased priority to train workers and prepare them to recognize and know how to deal with threats since the pandemic and to develop best practices for secure email access.
  • Varying remote devices. Mobile devices need their own unique security protection. But 52% of organizations find it challenging to protect mobile devices from cybersecurity issues. A critical first step to resolving this is to deploy an effective mobile device management (MDM) policy.
  • No office-based cybersecurity. Your company is more vulnerable when your staff can’t use office IT security measures, like firewalls. Fortunately, with tools like DigiCert’s Enterprise PKI Manager, you can boost security and provide remote workers with secure VPN access.
  • Protecting passwords. Employees should be trained on password policy best practices and your organization should implement multi-factor authentication. Additionally, with staff working from home, they may be tempted to share work passwords with friends or family to help them with certain work tasks. Obviously, this is a security issue, and needs addressing with proper training for all staff.

In addition to these security issues, there’s also the matter of what awaits your staff when they return to the office.

Back-to-the-office cybersecurity challenges

Looking forward, organizations will inevitably deploy a hybrid of work-from-home and in-the-office schedules for their staff. Unfortunately, a return to office life will present its own unique cybersecurity issues. As a recent example, many hackers are distributing malicious files and phishing attempts made to look like COVID-19 training documents.

The good news is, when you use tools like Secure Email (S/MIME) as part of DigiCert’s Enterprise PKI Manager, you can boost email security and enjoy features such as proof of authorship and authentication of sender.

With cybersecurity threats facing both remote workers and those returning to the office, it's essential to level-up your IT security.

Why take chances with cyberattacks?

The transition to remote working has been a difficult obstacle for many companies to navigate. It's challenging enough to maintain operations and productivity while working from home, never mind ensure complete remote cybersecurity. However, as security issues (such as phishing scams) increase, so too must your organization's security and resilience.

If you’d like to learn more about how DigiCert could your help your organization protect itself, reach out today for a chat with one of our team members.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-21-2024

10 ways AI, quantum and trust will shape the year ahead 

Why certificate automation is an absolute must