Amid the spike in COVID-19 coronavirus cybersecurity threats tied to remote work, Middle East organizations should follow a three-step process of education, testing, and long-term strategizing, industry experts announced.
Worldwide, organizations saw a 70 percent increase in remote work from February-April 2020 – with a concurrent rise in cyberattacks such as phishing, fake apps and maps, trojans and backdoors, crypto miners, botnets, and ransomware, according to a recent report by VMware Carbon Black. Ransomware attacks alone rose by 148 percent from February-March 2020, with financial firms as among the hardest hit.
“Amid the COVID-19 coronavirus, Middle East organizations have rapidly moved to remote work – and now they need to ensure cybersecurity catches up to this ‘New Normal,’” said Praj Calthorpe, Deputy General Manager, Condo Protego. “Government, banking and finance, and manufacturing are among the industry verticals that need to optimize cybersecurity to keep economies running.”
Firstly, organizations should assume they are being targeted by cyber-criminals. IT departments understand the threats, and they need to educate the C-suite and lines of business about how the threat landscape can imperil business continuity.
One growing trend has been the lowering barrier of entry for bad actors to deploy cyber-attacks. Cybercriminals are increasingly selling hacking services on the black market – also known as “Hacking as a Service.” Middle East organizations need to be on high alert for Advanced Persistent Threats and social engineering attacks.
Secondly, organizations should work with channel partners on vulnerability assessments and penetration testing – to identify gaps in their devices, networking, storage for cyberthreats — and then work on strategies to enhance cybersecurity. Organizations can also examine new remote work vulnerabilities due to COVID-19.
In the Middle East, Condo Protego is seeing strong demand for cybersecurity solutions from vendors such as Secureworks, RSA, and VMware.
Thirdly, Middle East organizations should work with knowledgeable and experienced vendors and channel partners to develop short-term, medium-term, and long-term cybersecurity strategies that can help an organization to face ever-evolving threats. “Middle East organizations can find managed security services have low entry costs and can deliver major business benefits,” added Praj Calthorpe. “Organizations need to understand that cyberattacks have direct business costs and intangible costs of reputational damage that can irreparably harm customer trust and experiences.”
