Executives consider cybersecurity the technology most important for survive Covid-19. But many of the industries that need to integrate it most are also the most cyber-naïve.
Companies will be vulnerable if their cybersecurity capabilities fail to keep pace with the accelerated digital transformation and increased remote working that coronavirus has necessitated. As evolving cyberattacks threaten significant costs, companies have no choice but to act decisively to reduce risk exposure.
Increased digitisation necessitates improved cybersecurity
Covid-19 has hastened digitisation across all industries. With a large proportion of employees working from home and customer interaction shifting toward online platforms, have taken advantage. Both the UK National Fraud & Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency reported significant increases in cyberattacks in 2020. GlobalData’s recent Emerging Technology Trends Survey found that 84% of executives expect cybersecurity to aid recovery from the Covid-19 downturn – more than any other technology. 54% of executives reported improved sentiment toward cybersecurity in recent months – a result of needing their existing cybersecurity to successfully fend off attempted attacks.
GlobalData’s Cybersecurity Thematic Report highlights that whilst certain industries understand cybersecurity well (Professional Services, Technology, Insurance – all accustomed to handling sensitive data), others are more cyber-naïve. The sectors with both a poor understanding and an imperative to digitise during Covid-19 (Foodservice, Consumer, Apparel, Retail) are the most vulnerable.
The need for security should drive spending despite Covid-19’s economic impact. Companies with less advanced security measures should look to use cases from more cyber-sophisticated industries and prepare for the associated expenses.
Ransomware attacks are debilitating and costly
The most successful form of cyberattack is ransomware, a malware that blocks a company’s access to its data or computer system until a ransom is paid. Cybersecurity Ventures estimates global ransomware damage costs will total $20bn in 2021, 57 times more than in 2015.
One recent victim is German software giant Software AG, which suffered a ransomware attack in October 2020. The attackers demanded a $20m ransom. When Software AG refused, the attackers published some of the company’s files and data on the dark web. The FBI insists paying ransoms only emboldens attackers but concedes that the cyber damage facing Software AG may make paying the ransom more appealing to executives.
Working from home presents a security challenge
Cybersecurity technology is changing rapidly to meet today’s cyber threats. Effective cybersecurity now typically uses AI-infused solutions and extensive cyber-expertise. But there is a worldwide skills shortage in cybersecurity with 4.1 million unfilled positions in November 2019 (International Information System Security Certification Consortium). Attracting better skilled cybersecurity staff will be both difficult and expensive.
The Covid-19 pandemic has highlighted how cyber-naïve remote workers need security awareness training in order to thwart attacks. Attackers often consider the interface between the system and the user to be the weakest point in a company’s security. 93% of data breaches in 2020 were caused by employee negligence according to an Egress Insider survey. About a third of the involved employees shared work data with personal systems, usually through attempts to work from home.
Digital transformation must be accompanied by strong security. Cybersecurity is expensive, but digitising companies should recognise that the financial and reputational risks and costs of data breaches are far worse. Ignorance is no excuse for failure.