While the COVID-19 pandemic presents very real biological threats, the necessary social distancing policies have forced us to rely on a digital world that presents very real cyber threats. From an almost overnight shift to mass remote working, to a sharp rise in opportunistic cyberattacks, the crisis has tested every company’s cyber resilience. Cybersecurity systems have strived to protect the digital networks that businesses are now so dependent on, now a new survey from Microsoft sheds light on the initial and upcoming responses of businesses around the world.
“The importance of cybersecurity in facilitating productive remote work was a significant catalyst for the two years-worth of digital transformation we observed in the first two months of the COVID-19 pandemic,” says Andrew Conway, general manager at Microsoft Security. “In this era of ubiquitous computing, security solutions don’t just sniff out threats, they serve as control planes for improving productivity and collaboration by giving end-users easier access to more corporate resources.”
Hundreds of millions of new remote workers emerged in the space of a few weeks in March, often entire organizations at once. While many companies would have had remote access portals in place, few would have been designed for that scale. Each remote connection brings some vulnerability and as whole workforces were forced to go remote, it became challenging to provide easy access to workers while also protecting the network from attack. This balance is crucial, as failing to effectively provide either access or security would threaten the company’s ability to function at all.
“Security and IT teams have been working overtime to meet business goals while simultaneously staying ahead of new threats and scams. Providing secure remote access to resources, apps, and data is the #1 challenge reported by security leaders,” writes Conway. “For many businesses, the limits of the trust model they had been using, which leaned heavily on company-managed devices, physical access to buildings, and limited remote access to select line-of-business apps, got exposed early on in the pandemic.”
Back in March, Microsoft Threat Intelligence teams reported a spike in “COVID-19 attacks” as cybercriminals introduced pandemic themes to known scams and malware. Business leaders reported phishing threats as the biggest risk to security in that same timeframe, with 90% indicating that such attacks have already impacted their organization. More than half considered clicking on phishing emails as the highest risk behavior and 28% admitted that attackers had successfully phished their users.
Phishing emails often use crises to their advantage and the extended confusion of COVID-19 has created many unprecedented opportunities. A mid-April report by Google’s Threat Analysis Group showed that the company was blocking 18 million COVID-19 themed malware and phishing emails per day, many linked to duplicated websites of popular platforms. A Check Point research study identified more than 1,700 “Zoom-related domains” registered during the early weeks of the pandemic, many suspected to be part of phishing campaigns.
“It’s a devilishly smart tactic,” says Tom Kelly, CEO of ID Experts, in a Security Magazine article. “Hackers know that over 90% of data breaches are the result of human error. And with so many people working from home, cut off from regular contact with IT security, and generally on edge with anxiety or stress, now is the perfect time for hackers to test the limits of individual vigilance.”
In response to the crisis, 58% of companies have increased their cybersecurity budget according to the Microsoft survey, versus just 22% that decreased it and 19% that made no changes. Furthermore, over 80% of respondents claimed to already be using that budget to hire additional security personnel or for outsourcing security tasks. With so much fear and doubt in this global crisis, companies are seeking out the cybersecurity expertise that can help them tackle the increased threats and navigate the uncertain landscape ahead.
Survey results on cybersecurity spending in the remainder of 2020 also made interesting reading. Cloud security (CWPP + CPSM + CASB) was the standout response with 39%, but data and network security, anti-phishing tools, as well as endpoint detection and response (EDR) all featured for over 20% of respondents. The data also showed that the increased investment appetite for cybersecurity on pure cloud systems is now surpassing on-premises and hybrid models, suggesting a rapid acceleration of the trend towards highly cloud-dominated business data landscapes.
“To say that we are living in unprecedented times, is quite frankly, an understatement. Each and EVERY one of us has been impacted—in one way or another—by current events. We’ve had to adapt to new ways of life, in our homes, and our workplaces. And the pace of change has been at a rate none of us have seen before. At times like these, we need empathy more than ever,” said Ann Johnson, CVP SCI Business Development at Microsoft, in a July article.
“But empathy isn’t just for in-person interactions. By applying empathy to digital solutions, we can make them more inclusive. In cybersecurity that means building tools that can accommodate a diverse group of people’s ever-changing circumstances. It also means developing technology that can forgive mistakes,” Johnson continued.
Consider the app-culture that emerged with the rise of smartphones and tablets, and how that has moved into the wider computing industry. Apps allow a wide range of third-party developers to create solutions that better represent the demands of a wide range of end-users. Apps offer that inclusive diversity of people’s ever-changing circumstances but they also put trust and security decisions in the hands of the user, which inevitably leads to mistakes. However, these can be forgiven if the cybersecurity system prevents mistakes from creating disasters. For businesses, only cloud systems offer that balance of diversity and security.
Traditional security approaches, such as passwords and firewalls, have failed to provide adequate access and security during the pandemic — they were never meant for this remote user scale or the increase of crisis themed threats. We have now been forced to adopt Zero Trust Cybersecurity, an approach that assumes breach as its default posture by treating every digital interaction as a unique risk to be evaluated and verified. To cost-effectively maintain Zero Trust cybersecurity at scale, businesses will again look to the cloud.
“Overnight, Zero Trust shifted from a business option to a business imperative. As we look past the pandemic to a time when workforces and budgets rebound, Zero Trust will become the biggest area of investment for cybersecurity. This means, that right now, every one of us is on a Zero Trust journey—whether we know it, or not,” continues Johnson.
“The COVID-19 outbreak has brought us into the stark reality of how agile and callous our adversaries can be. Facing a new economic reality, organizations will also be driven to reduce costs by adopting more of the security capabilities built into their cloud and productivity platforms of choice,” she concludes. “While digital acceleration will continue to influence the paradigm shifts that shape our industry, one thing remains the same; security technology is fundamentally about improving productivity and collaboration through secure, inclusive user experiences.”