The global crisis has seen cyber-attacks grow whilst security somewhat slips, says a survey from (ISC)² which observed that 47% of cybersec staff have now been taken off security duties it appears.
Most security professionals (81%) say that they have seen major shifts to their jobs during the pandemic, states the new survey, with as many as 47% reporting being temporarily removed from security duties in order to assist with general IT needs, e.g. equipping a mobile workforce.
Environments
The immediate mobile and remote requirements correspond with an 96% of respondents’ organisations having now closed physical work environments & changed to remote work-from-home practices for all employees.
Worryingly, 23% stated cyber-security incidents experienced by their organisation have increased since moving across to remote work. Some are reporting as many as double the incidents. Also, while 41% said their organisations are using best practices to secure their remote workforce, another 50% agreed, but still thought they could be doing more yet.
Speed
One person observed, “Security at this point is a best effort scenario. Speed has become the primary decision-making factor. This has led to more than a few conversations about how doing it insecurely will result in a worse situation than not doing it at all.”
Mark Kedgley, CTO of NNT Technologies flagged: “The survey goes to confirm our expectations. The sudden need to shift business operations over to a remote access model is completely at odds with security priorities where standard best practice is always to reduce function and access, not expand it. The increase in cyber-security incidents confirms what many other researchers have reported, with opportunistic phishing attacks leveraging the thirst for knowledge and exploiting the chaos and uncertainty over the last few weeks.
‘Zero Day’ virus
“In cyber-security terms, Covid-19 is a ‘zero day’ virus without any vaccine or treatment. The burden for protection falls to the nations testing and tracing processes, much like the need for intrusion detection, change control and integrity monitoring in the cyber-security world. There are parallels with the way the world was ravaged by WannaCry, with blanket shutdowns of IT systems, simply because too many didn’t have any early warning detection or outbreak tracing capabilities in place…”
The (ISC)2 COVID-19 Cybersecurity Pulse Survey highlights some positive aspects of the current situation, with 81% saying their organisations view security as an essential function at this time, and only a tiny %, just 15% indicating that their information security teams do not have the resources they need to support a remote workforce. However, a more surprising 34% do have remote resources in place, but only for now, raising further questions for the future.
Challenges
“Organisations of all shapes and sizes are navigating this situation and trying to adjust to the new normal of supporting a remote workforce, and the security function is often called upon to provide leadership and solutions beyond the typical scope it covers. It is important for cyber-security professionals to understand that they are not alone and that many of their peers are facing similar challenges”, said Wesley Simpson, COO of (ISC)2.
The (ISC)2 ‘COVID-19 Cybersecurity Pulse Survey’ related to 256 global cyber-security professionals responsible for securing their organisations’ digital footprint. However, this figure was pointed out by the Association of Certified Cyber-Security Professionals to represent a small ‘snapshot’ of the challenges faced, not an in-depth study.
‘Interesting times’ as warned of by an old Chinese curse, & without any hint of irony.
