New Research from Exabeam reveals that COVID-19 has increased cyber and financial risks as security teams reduce staff.
Cyberthreats and the loss of revenue are rising as more employees work from home, even as furloughs and job redundancy threaten to shrink the security workforce. Exabeam has released research they commissioned that identifies the initial impacts of the COVID-19 pandemic on security teams. The report suggests increases in both cyber and financial risks since the onset of the health crisis in the first half of 2020. During this time, 80 percent of companies saw ‘slightly to considerably more’ cyberattack attempts, breaking down to 88 percent in the USA and 74 percent in the UK.
In total, one-third of respondents experienced a successful cyberattack during COVID-19, leading to network downtime for 40 percent of British companies and 38 percent of American companies.
The research, conducted in the UK and the USA by Censuswide, included more than 1000 IT security professionals at SMEs, half in a chief information security officer (CISO) or security operations center (SOC) leadership role, and half in a security engineer/analyst or security architect position.
Of the total respondents, the majority reported that companies deferred all security hiring during March through June 2020, with significantly higher deferrals in the USA (70 percent) versus the UK (42 percent). On top of hiring freezes, 75 percent of overall companies experienced security team furloughs, and 68 percent laid off team members. By region, 36 percent of British and 29 percent of American companies reported that two security team members had been furloughed. Nearly 29 percent of Amrican teams lost one to redundancy, and 33 percent of British teams lost two.
Despite the team reductions, just 22 percent of the total respondents listed staff shortages as the biggest challenge in mitigating threats while working remotely. This issue was eclipsed by communication with security teams in the UK (33 percent), and communication with other IT functions in the USA (40 percent). Strained interactions between IT and security teams is common but even more difficult to manage remotely. Combined with fewer hands during cyberattack investigation, this can impact overall mitigation efforts when remote. Network security issues were also prominent, with 29 percent of all respondents citing difficulty investigating attacks, and 27 percent naming lack of insight into individual networks as some of their major struggles.
In addition to these communication and technology challenges, successful cyberattacks on the small- to medium-sized enterprises surveyed resulted in the following financial impacts per incident:
Loss of business revenue – In the USA almost half of respondents (49 percent) lost at least $38K, while in the UK 40 percent lost at least £30K.
Negative impacts on brand reputation – About half of all companies saw an impact to their brand reputation. In the UK just over half (50.5 percent) saw at least £30K in losses; in the USA 45.5 percent reported at least $38K in losses.
Legal and mitigation costs – In the UK, 33 percent spent at least £20K; in the USA, 41 percent spent at least $38K.
“Companies are grappling with the security fallout from an unexpected shift to remote work, but it’s business as usual for cybercriminals and foreign adversaries with unprecedented opportunity,” said Steve Moore, chief security strategist, Exabeam. “The rise in attempted cyberattacks while companies experience staff reductions is a harsh reminder of the security and financial challenges created by the pandemic. Automation of repetitive tasks can allow security teams to improve efficiency and accuracy in the remote environment, especially focusing on the credential, as well as detection and mitigation.”
Interestingly, since the beginning of COVID-19, about one-quarter of U.K. companies and one-third of American companies chose to increase automation usage in their security tools due to remote work, but oddly, one-quarter of British companies also decreased use of automation during the same time period. Automation can be used to solve technology-related problems such as lack of insight into networks, a noted problem in this survey.
On average, 60 percent of respondents in both regions deferred planned investments in security technology, with the USA (68 percent) result again higher than UK (51 percent) counterparts. While both experienced significant psychological shifts due to remote work, overall American companies reported greater impacts such as distractions in the home, learning curve with new applications and tools, and blurred lines between work and personal computers than British companies. The specific area with the widest margin was individuals’ false sense of safety and/or privacy.
“We suspect that these country-level differences stem from the UK’s consumer privacy legislation being much more mature than in the USA, which virtually has no similar regulations in place,” said Moore. “This could lead to British responders feeling more secure in this remote world, as their country has done the work to have a program in place.”
Rick McElroy, Cybersecurity Strategist at VMware Carbon Black, describes some of the myths surrounding managing a remote workforce securely. I’ve attended a bunch of executive CISO roundtables over the past …