Smart Cities

The Pandemic Needs a Vaccine, but the Infodemic Needs a Cybersecurity Revolution

“We’re not just fighting an epidemic; we’re fighting an infodemic,” said Tedros Adhanom Ghebreyesus, Director-General of the World Health Organization (WHO) during a gathering of foreign policy and security experts in Munich, Germany, in February, referring to fake news and opportunistic cyber attacks that “spreads faster and more easily than this virus,” he said. COVID-19, and various measures used to control the spread of the virus, has fundamentally changed the cybersecurity landscape. Remote work is suddenly the new normal, with many companies forced to develop the infrastructure to make that possible in the early days and weeks of the outbreak. Remote work already made companies more vulnerable by providing access to sensitive information over unsecured networks but in the rush to create a decentralized infrastructure an extensive and largely unsecured edge has been exposed. “Traditional cybersecurity controls dictate a centralized approach where data is consolidated from different sources to perform analysis and investigation. With swift […]

Stay ahead of the pack

with the latest independent smart building research and thought leadership.

Have an account? Login

Subscribe Now for just $180 USD per year per user ( just $15 USD per month) for Access to Quality Independent Smart Building Analysis!

What Exactly Do you Get?

  • Read every article published in full and get unlimited access to our archive of over 1,400 articles.
  • 10% discount on ALL Memoori Research reports for Subscribers! So if you only buy ONE report you will get your subscription fee back!
  • Industry-leading Analysis Every Week, Direct to your Inbox.
  • AND Cancel at any time
Subscribe Now

“We’re not just fighting an epidemic; we’re fighting an infodemic,” said Tedros Adhanom Ghebreyesus, Director-General of the World Health Organization (WHO) during a gathering of foreign policy and security experts in Munich, Germany, in February, referring to fake news and opportunistic cyber attacks that “spreads faster and more easily than this virus,” he said.

COVID-19, and various measures used to control the spread of the virus, has fundamentally changed the cybersecurity landscape. Remote work is suddenly the new normal, with many companies forced to develop the infrastructure to make that possible in the early days and weeks of the outbreak. Remote work already made companies more vulnerable by providing access to sensitive information over unsecured networks but in the rush to create a decentralized infrastructure an extensive and largely unsecured edge has been exposed.

“Traditional cybersecurity controls dictate a centralized approach where data is consolidated from different sources to perform analysis and investigation. With swift digitalization, security controls will shift to data sources, similar to the trend witnessed in IoT,” says Kumar Ritesh, Founder, and CEO at CYFIRMA. “With millions of employees working from home, hackers’ focus has shifted from enterprise to remote working individuals. To handle the menace that exists in cyberspace, decentralized cybersecurity will rise where greater emphasis will be placed on data sources such as actual remote employees themselves.”

Maintaining flexibility in this new remote and decentralized security landscape will require a shift away from a ‘who has the key’ approach to a ‘who are you?’ approach where systems will seek to verify identities to better control access. The post-COVID “minimal personnel environment” will drive biometric technology, either fingerprint via personal devices or contact-free options such as retina/iris scans, facial recognition or voice identification for various building access points.

A rise in biometrics, especially facial recognition, will bring privacy issues to the boil. Before COVID-19, companies were in an environment of GDPR compliance and BYOD risk mitigation, but now it is all about remote working and epidemic control, each with implications for the privacy-security debate. Chinese-style facial-recognition-enabled surveillance has proved to be an effective epidemic control technology, spurring ‘track and trace’ apps in Europe and North America that threaten to change the western stance towards privacy. Remote working, meanwhile, exposes companies and their employees to a range of cybersecurity threats that demand more reliable access control infrastructure.

The remote working shift will push us further into the cloud as more and more companies look for the right mix of security, accessibility and cost. Cloud offers simplicity and reliability against a backdrop of chaos as companies try to find a balance between employee safety, public health policy compliance, and trying to maintain business activity. This will likely lead to increased containerization of IT architectures — the zoning of digital spaces based on the type of information they possess — but these cyber-territories will need to expand into new home-offices and include the now geographically diverse remote workers themselves.

People were always the ultimate target of cybersecurity measures, “I am the network wherever I happen to be, so if you want to secure the network you have to secure me,” the Jericho Forum famously stated. Whether remote working or in the office, people are the edge of the network, entrusted to make decisions that can impact the entire enterprise. If we were all cybersecurity experts then cyber threats would be largely be nullified, therefore the more cybersecurity education and training we can provide, the more secure we will be.

“Instead of seeing people as the weakest link, view them as your frontline defenders. Cybersecurity awareness training for people across the entire supply chain and ecosystem will prevail,” continued Ritesh in a Forbes article. “Hacker groups will rattle the cages of government and businesses as digitalization efforts escalate. Cybersecurity strategies will have to shift downline toward the remote worker, decentralized controls, and enhanced policy measures.”

Cybersecurity is not a new problem, nor is the integration of remote workers into corporate networks, but the world has changed this year. The disruptions caused by the COVID-19 pandemic and various measures used to control the spread of the virus have created that “infodemic” and left us more vulnerable to cyberattacks than ever before. Now, as we plan our recovery from this global disaster, we have an opportunity not just to get back to normal but to take the chance to find a better way — be that greener, cleaner, more productive, or more secure.

Most Popular Articles

Spacewell Nemetschek Group
Smart Buildings

Spacewell Smart Building Management Business & Financials 2022 Examined

In this Research Note, we examine Spacewell, part of the Manage segment of Nemetschek, which provides software for the management and operations phase in the building lifecycle. This article is based on their 2022 annual results, investor presentations, the Annual Report of the parent company, published on 23rd March 2023 and the group’s strategy in […]

Net Zero Buildings Balfour Hospital
Energy

Net Zero Buildings Explored – The Balfour Hospital

The Balfour Hospital in Kirkwall, on the remote Scottish islands of Orkney, has established itself as the first fully net-zero National Health Service (NHS) hospital in the UK in 2019. The £65 million facility, designed to accommodate 49 patients, has pioneered an innovative and sustainable approach to design, construction, and operation processes. Delivered by the […]

CXApp SPAC
Smart Buildings

Smart Building SPAC Trend Continues with Hybrid Work Play CXApp

Since 2019 the business world has been inundated with high-profile SPAC deals. And while we have certainly seen a slowdown in SPAC deals in recent months, the SPAC trend is by no means over. In the smart building industry, a new SPAC was completed this month, as workplace experience platform provider CXApp completed a business […]

Subscribe to the Newsletter & get all our Articles & Research Delivered Straight to your Inbox.

Please enter a valid email

Please enter your name

Please enter company name

By signing up you agree to our privacy policy