Commenting on the findings, Abu Bakkar, HLB’s Chief Innovation Officer, says: “COVID-19 has demonstrated how important technology is for business leaders, but the pandemic has truly highlighted the critical role cybersecurity plays. CEOs must work closely with their CTOs and IT consultants and recognise the investment needed in this area and build it into your business strategy. Without cybersecurity at the heart of your organisation, can you truly deliver for your customers?”
Cyber-attacks on the rise in 2020
Our experts overwhelming opinion is that phishing attacks are increasing, and highlight that social engineering is also rising. The impact of social isolation is also playing a key role in the rise in cyber-attacks as remote workers do not have their colleagues to double check any potential queries.
Challenges to making home offices secure
At the start of the pandemic, CTOs and IT management scrambled to get remote workforces running, facing vulnerabilities across several areas such as securing personal devices to giving access to virtual private networks (VPNs). These vulnerabilities allowed for cyber-attacks and data breaches to take place, leading to 88% of respondents noting that their companies changed their cybersecurity strategies and protocols.
Strengthening cyber-risk management strategy
When asked about the level of security across the three tenets of information security, one in five respondents doesn’t believe their online systems are secure. HLB’s Global Advisory Leader, Jim Bourke points out much of this is due to “the fact that our workers are still working remotely and touching confidential data, so there continues to be exposure. From a cybersecurity month perspective, it’s worth noting that the question about data confidentiality should have been answered with 100% secure. We have rules and regulations, like GDPR, so we should be secure. However, the rapid shift to remote working and with such a large portion of the workforce still working from home, many organisations have just not been able to fully comply in the short space of time.” To manage cyber-risk, it’s necessary to adapt the three tenets of information security of data availability, data confidentiality and data integrity to remote working environments.
Lessons learned from lockdown
When the pandemic hit, business leaders’ priority was business continuity. However, the cyber-risk management lessons learned continue to build on the common themes of agility and resilience. The lessons business leaders should be aware of are: