Please fill in the form below to subscribe to our blog

Cybersecurity and COVID-19: 4 Lessons Learned

September 24, 2020
4lessonslearnedfromcybersecurity and COVID-19 represented by a red COVID-19 molecule floating past a blue padlock on a computer screen

Studying the Challenges at the Intersection of Cybersecurity and COVID-19 Can Prepare You for Future Crises

COVID-19 has fundamentally changed the world. That change came very quickly, and no one was prepared for the fast moves that businesses would need to make to protect themselves from cybercrime and continue functioning under stressful circumstances. Now that we’ve all adjusted, it’s important to look back at some of the challenges we experienced when cybersecurity and COVID-19 met up to create unexpected problems. Here are four important takeaways to keep in mind for the next crisis.

Remote Management is a Necessity 

A huge lesson that we all learned from this experience is that remote cybersecurity management isn’t just a nice-to-have convenience – it’s a non-negotiable necessity. Few businesses were prepared be unable to access their facilities at all for a long period of time because of a dangerous pandemic. That’s why simple remote management has to be at the top of the list when shopping for cybersecurity solutions. 

All of our solutions can be managed remotely with no additional setup. Passly travels with your workforce, securing everyone wherever they are – and providing your administrators with essential remote management tools like secure shared password vaults. Dark Web ID is always at work without you having to lift a finger. Plus, BullPhish ID features set-it-and-forget-it anti-phishing training that’s easily managed remotely to improve phishing awareness including video lessons in 8 languages, four new plug-and-play phishing training campaigns per month, and online retention testing.

Phishing is the Biggest Pitfall 

The COVID-19 phishing explosion was cataclysmic – phishing was up by more than 660% in the first half of 2020. Cybercriminals pulled out all the stops to capitalize on the golden opportunity that the fear and uncertainty around the pandemic combined with a sudden surge in staffers who weren’t necessarily trained to work from home and companies with slapdash remote security. And it became abundantly clear that remote workers are more likely to fall for phishing traps, creating huge cybersecurity and COVID-19 related challenges while turning unwitting staffers into insider threats, and creating the perfect atmosphere for ransomware to flourish.

That’s why fighting back against social engineering with security awareness and phishing resistance training has to rank high on every company’s IT priority list. Companies that engage in regular, updated security awareness training with a dynamic solution like BullPhish ID have up to 70% fewer cybersecurity incidents.

Multifactor Authentication is Essential 

As many companies found out, secure identity and access management is a vital tool for securing a remote workforce. Most companies knew that they needed to improve password security, but it tended to get pushed down the list for more glamorous priorities. A solution like Passly provides credential and access point protection on multiple fronts and is highly effective against password sharing and two nasty but common cybersecurity problems that are especially vicious in a remote-only scenario – spear phishing and credential stuffing.  

Multifactor authentication (MFA) is key to protecting systems and data from phished passwords. Passly’s multifactor authentication feature includes several options for staffers to receive a code that ensures that they’re really the person logging in. Single sign-on (SSO) LaunchPads are also a great tool for ensuring that stolen credentials aren’t giving access to the wrong people – and SSO empowers IT staffers to cut off access quickly for an account that has been compromised. And with so much information available in Dark Web data dumps, credential stuffing attacks are easier than ever, and MFA puts the brakes on them.

Password Protection Isn’t Really Protection at All 

A password is supposed to help keep systems and data safe, but in today’s Dark Web fueled landscape, it’s like using an old-fashioned skeleton key lock on your door instead of a proper deadbolt. Password reuse, bad password habits, and password sharing is a huge problem that may never go away. Dark Web data is readily available to power all kinds of cyberattacks, from spear phishing to ransomware – including sophisticated attacks against privileged credentials like administrator and executive passwords.  

Credential monitoring is a fast, simple way to stop cybersecurity disasters before they start. MFA protects your data by throwing up a roadblock between cybercriminals with a stolen password and your business. But if you were employing Dark Web monitoring with Dark Web ID, you’d already know that password was compromised. Dark Web ID uses human and machine intelligence to guard your company against credential compromise headaches 24/7/365. If your protected credentials are spotted in a Dark Web market, you’re alerted immediately, enabling you to take action before the bad guys do.

Past is Prologue 

Cybersecurity will never be the same after the events of 2020. The global pandemic and economic fall out have left the Dark Web more dangerous than ever before. It’s crucial that we analyze everything that may have gone wrong in the past, especially at the intersection of cybersecurity and COVID-19 in order to be prepared for potential cybersecurity challenges next year and in all of the years to come. Investing in a strong digital risk protection platform is the cornerstone of ensuring that your company is ready to face whatever is next.

Contact the experts at ID Agent today to learn more about how our effective, cost-effective solutions can keep your business safe from cybercrime.