COVID-19: lessons learned

Welcome to the final instalment of our six-part blog series based on our recent whitepaper entitled ‘COVID-19: A biological hazard goes digital.’ If you haven’t read the first five parts, you’ll find them in the insights tab (via our blog page) on our website here.

Let’s summarise. Over the course of the last five blogs, we’ve taken a journey into how the COVID-19 health pandemic has had a knock-on effect on our businesses and the digital realm. Hackers have capitalised on the crisis, using social engineering attacks, malware campaigns and a whole host of other tricks to disrupt, misinform, aggravate existing geopolitical tensions and generally spread harm. As a result, the emergent threat model has shifted, creating a new normal for cybersecurity professionals trying to temper panic and anxiety with logical, strategic thinking.

In response to the heightened threat levels online, the security community and like-minded individuals have rallied together to fight a common enemy. Very recently, the UK’s National Cyber Security Centre (NCSC) launched a new initiative encouraging citizens to report suspicious emails in an attempt to tighten the net around COVID-19 fraudsters. According to ZDNet, the initiative has already removed over 2,000 coronavirus-related scams in just one month. A plethora of other groups have vowed to clean up the world wide web, one hacker at a time, which serves as a beacon of hope and altruism in otherwise dark and confusing times.

Bad for society, bad for business

In the last few instalments of this blog series, we offered practical guidance, tips and technical insight to businesses trying to navigate a changing threat landscape amidst the chaos. In this final piece, we’ll look at how the impact of this pandemic and our collective response hold valuable lessons for security practitioners. Given the domino effect COVID-19 has had on nations globally, the virus has demonstrated that – despite our ideological, religious and cultural differences – our societies and economies are closely intertwined. This shows how a catastrophe in one area really can spill over into another.

Responding to the crisis has shown us the impact that our behaviour can have on the whole of society, rather than just individually or within our immediate circles of influence. This is an important lesson for the security community. While considering when, where and how much to invest in security, we need to think more broadly. Instead of looking at the single-dimensional risk to our business, we also need to look at the secondary and tertiary effects on the broader economy when breaches happen. A good rule of thumb to live by is: what’s generally bad for society is also bad for us as a business.

What does the future hold?

COVID-19 will change the entire face of the world in numerous ways – some we can predict, others we can’t possibly anticipate.

When it comes to cyber specifically, the following are the ways in which we believe the cybersecurity industry will change when our current situation returns to relative normalcy:

  1. Pressure on Business Continuity Planning

We can no longer wait for a crisis to happen to recognise or identify weaknesses in our security armour. In the same way that banks stress test in order to ensure their businesses are robust whatever the situation, businesses should also be baking regular business continuity planning (BCP) and Disaster Recovery (DR) testing into their corporate DNA. This includes the incorporation of “Contagious Illness Response.” We expect a surge in demand for consulting and support as a result of the interest in these types of policies and exercises. We also expect innovation and the emergence of additional products and platforms addressing incident response and business continuity planning, such as simulators, ongoing BCP assessment and measurement.

  2. Shrinking offices

Whereas hot desking was previously frowned upon by many, this is the dawning of the age of remote working, which could lead to offices reducing in size. Required infrastructure for business operations will therefore change drastically.

  3. Zoom picks up speed

If offices are shrinking in size, then demand for “fuller” video conferencing and remote-work-capable applications will peak. We may even see a surge in VR-enabled applications.

  4. In VPN-less we trust

We also anticipate that demand for Zero-Trust and similar VPN-less technology will surge. This includes an increase in demand for remote desktop (VDI) and Citrix front-end services, as well as cloud-based web browser remote desktop solutions.

  5. The new frontier

We’ll likely see an acceleration in demand for technologies protecting the new perimeter (zero-trust, data-centric, IoT, etc.).

  6. Online services reign supreme

Online services (banking, payments, e-commerce, learning, entertainment) will continue to accelerate. As a result, we expect an increase in the consumption and the development of application security technology platforms to secure online software. This includes load balancing, DoS protection, and API security.

  7. Returning to mother

We expect an increased perception of the risk from devices (laptops) not being connected to the mother network for longer periods of time (patching, anti-virus, secure configuration, etc.). As a result, we may see demand for tools such as Juniper to quarantine devices that are out of compliance when they return to the network.

  8. Risk from relaxing

Relaxing isn’t always a good thing. We anticipate increased levels of risk from staff having more relaxed access to the Internet, for example to Office 365 and other software and services that don’t require access to the mother network. This leaves features like URL filtering, firewalls and IDS/IPS unused for periods of time. New next-generation firewall features and architecture will be needed.

  9. Toughen up, crack down

Moral, legal and law enforcement attitudes regarding hacking against healthcare facilities will harden considerably, perhaps even with charges as severe as manslaughter or culpable homicide. This could have far-reaching implications for the ability of law enforcement to counter cybercrime, even after the COVID-19 crisis is over.

  10. Budgets – for better or worse?

IT and security budgets will certainly change off the back of this crisis. It’s not clear yet whether that will be for better or worse. But we do expect that there will be increased focus on and demand for clear and measurable ROI from spend on cybersecurity.

Download the Whitepaper by Charl van der Walt