Doha: As COVID-19 continues to disrupt our lives, many people around the Gulf have been forced to quickly adapt to working remotely. These precautions have been a great contribution to combating the pandemic, yet they have also left some people and their organizations exposed to a variety of cyberthreats.
Before the pandemic, only around 50% of employees were working outside of their main office headquarters for at least 2.5 days per week, according to a 2019 study by the International Workplace Group. However, COVID-19 has challenged more — perhaps all — organizations to potentially embrace a full remote-work style for the immediate future. Aside from the pressure this office exodus puts on IT teams, network architectures, and even equipment suppliers, there are real cybersecurity challenges to consider.
Cyberthreats are constantly evolving in order to take advantage of online behavior and trends. The COVID-19 outbreak is no exception. Unfortunately, cybercriminals are attacking the computer networks and systems of individuals, businesses, and even global organizations at a time when cyber defenses might be lowered due to the shift of focus to the health crisis. According to one recent report from ISACA, more than 90% of businesses surveyed say that threat across will increase cyberattacks on individuals during the times of COVID-19. However, just half are highly confident in their security team’s ability to detect and respond to these cyber threats during the pandemic.
The healthcare community has been one example of an industry under increased threat. Earlier this year, for example, the World Health Organization noted that since the start of the COVID-19 pandemic, they have seen a dramatic five-fold increase in the number of cyberattacks directed at its staff, and email scams targeting the public at large. Scammers increasingly targeted the general public in order to channel donations to a fictitious fund and not the authentic COVID-19 Solidary Response Fund.
Whatever the industry—be it healthcare, manufacturing, retail, or otherwise—the challenge has been compounded by sectors who have had to accelerate a work-from-home process with only limited if any previous cybersecurity training.
Security teams and home office users can, however, minimize the risks that come with remote-working setups. Based on security experts’ recommendations, private and public sectors should work with their security teams to identify likely attack vectors as a result of more employees working from home, and prioritize the protection of their most sensitive, business-critical applications. Home-working policies must also be made clear with easy-to-follow steps that empower employees to make their home-working environment secure. For IT leaders, considering advanced protection offered by 5G leased lines for businesses, Wi-Fi 6 connectivity, and cloud-based security services is a great start.
We should ultimately recognize that our threat environment is not static, which means it is important to keep a close eye on evolving threats to avoid unnecessary additional costs and disruptions in a time when we can least afford them. Taking these relatively straightforward steps at both a corporate and individual level will help address some of the most common security risks facing our remote-working environments in the region today. There are challenges involved in accomplishing remote-working at speed, but the security of one’s networks, devices, and data shouldn’t have to be among them.
(Author is the Chief Security Officer – North Gulf, Huawei Middle East)
