Many cybersecurity professionals agree on this first assessment: remote working has increased cyber risks for companies. The two experts explain: “Some of our clients had trouble switching to remote working. The hardest part is to insure the best possible flow and to make sure users can access data safely.” For cyber criminals adapted very quickly and they now target users who are anxious at this special situation and at a way of working that is not well controlled. “For example, the employees can receive an email asking to click on a link to update their password. They proceed thinking it is a security procedure, but it is in fact a phishing email…”.
To them, quarantine is undoubtedly beneficial to darknet markets: “Criminals are in the infiltration phase. They are building up an arsenal with many entry points to be able to attack later or to sell the stolen data”. We will probably witness new phases even more technically advanced.
In these uncertain times were coronavirus has drastically slowed down the global economy and threatens companies’ security, how can we prepare for the end of Covid-19? To Ghaleb Zekri, it is necessary to set up a “Zero Trust strategy or at least a Trust but Verify strategy”. Because going back to normal will not mean going back to the previous situation. “We have to stay careful. Security policies will be reviewed. Some exceptional processes used during quarantine need to become standards such as hygiene rules. Or there would be damage.” Will CISOs have enough means to adapt (especially financially)? “In terms of IT investments, the cyber security department should suffer less than many others because what we are living now will change the way we work and security matters will last as they have shown that they affect not only ISS but the whole company such as the HR department…”, the expert says.
