Amid the spike in COVID-19 coronavirus cybersecurity threats tied to remote work, Middle East organisations should follow a three-step process of education, testing, and long-term strategising, according to industry experts.
Worldwide, organisations saw a 70 percent increase in remote work from February-April 2020 – with a concurrent rise in cyberattacks such as phishing, fake apps and maps, trojans and backdoors, crypto minders, botnets, and ransomware, according to a recent report by VMware Carbon Black. Ransomware attacks alone rose by 148 percent from February-March 2020, with financial firms as among the hardest hit.
“Amid the COVID-19 coronavirus, Middle East organisations have rapidly moved to remote work – and now they need to ensure cybersecurity catches up to this ‘New Normal,’” said Praj Calthorpe, Deputy General Manager, Condo Protego, the leading UAE-based IT infrastructure and information management consultancy and solutions provider. “Government, banking and finance, and manufacturing are among the industry verticals that need to optimise cybersecurity to keep economies running.”
Firstly, organisations should assume they are being targeted by cyber-criminals. IT departments understand the threats, and they need to educate the C-suite and lines of business about how the threat landscape can imperil business continuity.
One growing trend has been the lowering barrier of entry for bad actors to deploy cyber-attacks. Cybercriminals are increasingly selling hacking services on the black market – also known as “Hacking as a Service.” Middle East organisations need to be on high alert for Advanced Persistent Threats and social engineering attacks.
Secondly, organisations should work with channel partners on vulnerability assessments and penetration testing – to identify gaps in their devices, networking, storage for cyberthreats — and then work on strategies to enhance cybersecurity. Organisations can also examine new remote work vulnerabilities due to COVID-19.
In the Middle East, Condo Protego is seeing strong demand for cybersecurity solutions from vendors such as Secureworks, RSA, and VMware.
Thirdly, Middle East organisations should work with knowledgeable and experienced vendors and channel partners to develop short-term, medium-term, and long-term cybersecurity strategies that can help an organisation to face ever-evolving threats.
“Middle East organisations can find managed security services have low entry costs and can deliver major business benefits,” added Calthorpe. “Organisations need to understand that cyberattacks have direct business costs, and intangible costs of reputational damage that can irreparably harm customer trust and experiences.”
Discussion about this post