From work to play and everything in between, this pandemic has changed everything, and cybersecurity is not an exception. Microsoft conducted a global survey of 800 business and cybersecurity leaders from companies with 500 or more employees in different countries of the world. The primary objective of this study was to assess the impact of this pandemic on the cybersecurity mindset and approach of businesses.
Here are some useful insights from the survey:
- 82% have invested in specialized cybersecurity teams
- 81% felt the pressure to reduce the cybersecurity costs
- 58% of respondents said that they have increased their cybersecurity budgets
Want to know more? You are at the right place. In this article, you will learn about six key insights from Microsoft’s survey conducted to assess the impact of this pandemic on the cybersecurity industry.
1. Increase in Phishing and Malware Attached To COVID-19
As pandemic started to wreak havoc across the world, cybercriminals decided to take advantage of this situation and launched a flurry of phishing and malware-based attacks associated with COVID-19. That is why more than half of security leaders (54%) reported a spike in phishing attacks.
Microsoft also experienced the same trend when they reported an increase in phishing and malware attacks back in March. That trend is continuing. Businesses will have to increase cybersecurity awareness of their employees so they can detect and report social engineering attacks. The worst part of the story was that most businesses are ill-prepared to deal with this challenge and their employees clicked on the phishing emails and fell victim to these COVID-19 linked phishing attacks. By using cybersecurity tools and human insights in conjunction, businesses can easily track COVID-19 linked attacks before it can target their customers or employees.
2. Security and Compliance Budget Growth
The survey also found that 65% have increased their cybersecurity budget for compliance while 58% have increased their cybersecurity budget for security. Unfortunately, the pandemic also took its toll on businesses as they are forced to cut down their cybersecurity expenses. In fact, 81% said that they felt the pressure to reduce the cost of their cybersecurity operations.
To keep the costs down, most businesses (40%) opted for cloud security as they started switching from best-dedicated servers to cloud servers and started to buy VPS servers. Data and information security were also on the top of the minds of 28% of cybersecurity professionals while 26% invested in solutions to protect their businesses from phishing attacks.
3. Investment in Specialized Security Teams
COVID-19’s impact on businesses can be gauged by the fact that it has forced 80% of companies to change their cybersecurity staffing approach. Most businesses spend a big chunk of the cybersecurity budget (42%) on hiring security professionals. Other businesses opted for outsourcing cybersecurity based on company priorities and needs. The focus shifted from generic IT teams to specific security teams that specialize in cybersecurity.
Some of the advantages of having a specialized cybersecurity team are as follows:
- A specialized team is much better equipped to handle specific risk areas.
- A specialized team can handle a barrage of information
- A specialized team consists of subject matter experts.
4. Higher Productivity and Better Collaboration
With a majority of businesses operating remotely and their employees working from home, the main priority for businesses has been to secure remote workers while delivering a great end-user experience and improving their productivity. Due to this, initiatives to extend cybersecurity across different applications started gaining popularity. Providing secure remote access to all the data, apps and other resources becomes one of the biggest challenges for security leaders.
5. Zero Trust Architecture
The growing number of data breaches, cybersecurity attacks and identity theft incidents have forced businesses to adopt zero trust architecture. Businesses have stopped trusted anyone and will authenticate every user before granting them access to data. Identity verification is at the heart of zero trusts. It ensures that only users and devices with permission can access certain types of data, systems and applications.
According to a Microsoft survey, 51% of cybersecurity leaders are pushing and speeding up the adoption of zero-trust solutions and resources. Most cybersecurity leaders also think that zero trust architecture will soon become the industry standard and the day when every business adopts a zero-trust architecture is not far away.
6. Cyber Resilience is Critical
The increasing number of cyberattacks and data breach incidents means that it is only a matter of time when your business can become a target of such an attack. It is not about whether you will be targeted but it is more about when you will be targeted. As alarming as it might seem, the cybersecurity resilience of a business can make or break your business.
The cyber resilience of your business is critical as it is an indicator of how long your business can operate after becoming a victim of a cybersecurity attack or data breach. Despite it being fundamental to the continuity of your business, cyber resilience adoption is still exceptionally low, which is quite alarming.
Even though, majority of cloud adopters have a cyber resilience strategy to deal with different risk scenarios but most businesses who are still relying on on-premises solutions do not have one at their disposal. It does not end there. Most on-premises companies do not have a documented cyber resilience plan.
Businesses that are cyber resilient struggle to maintain cyber resilience. Businesses should constantly evaluate the risk threshold and execute cybersecurity processes by using human and technology combinations. Thanks to the cloud, it is never that easy to create a cyber resilience strategy as it is now. This also enables your business to prepare for a wide range of contingencies.
What do You Need to Do?
Microsoft recommends businesses to:
- Hire diverse security professionals and empower them with threat intelligence and cybersecurity tools
- Harness the power of the cloud and take advantage of security features that span from endpoints to the cloud
- Understand the impact of remote work on your business
How did this pandemic impact your cybersecurity and digital transformation efforts? Let us know in the comments section below.