<<< Start >>>
<<< End >>>
We’ve all had our world’s turned upside down in 2020. The COVID-19 pandemic has, quite rightly, made us super-cautious about how we work and play to avoid getting the infection and passing it on. But it’s not just the disease that should make us think twice about being more safe and secure. Like COVID-19, cybercrime, cyber espionage and hacktivism are also unseen threats—and they can make or break businesses around the world now that so many employees have shifted to remote working.
It’s probably fair to say that when the COVID-19 pandemic struck, most businesses felt the security function had cyberattacks under control—direct attacks and security breaches were decreasing and a group of cyber resilient leaders were showing how to be better at stopping attacks, finding and fixing breaches faster, and reducing the breach impact. But, almost overnight, the situation changed. Where they could, organizations—our own included—shifted to remote working on a large scale. And with that change, a significant share of the cyber risk shifted to the users sitting in their homes—while the responsibility for cyber resilience still rested on the shoulders of the security team.
<<< Start >>>
It’s not just the disease that should make us think twice about being more safe and secure. Like COVID-19, cybercrime, cyber espionage and hacktivism are also unseen threats.
<<< End >>>
In typical fashion, cybercriminals seized their chance to take advantage. Opportunistic phishing campaigns, discontinuity of information security operations and long-term financial constraints opened a pandora’s box of vulnerabilities. Many companies were faced with executing months-long business continuity plans (BCP), including information security monitoring and response, while operating under quarantine conditions. Implementing safe practices around Home routers, Internet of Things (IoT) devices, and virtual private network (VPN) jumped to the front of priorities lists. And many companies needed extra help to put in place and manage this.
In the latest 2020 Cyber Threatscape report, the Accenture Cyber Threat Intelligence (CTI) team takes a deeper dive into some of the key observations over the last 12 months. We reveal five frontline trends that are influencing the cyberthreat landscape and suggest ways to tackle them.
I’d like to walk you through these trends in more detail over the coming weeks, starting with a closer look at the first trend—how COVID-19 accelerates the need for adaptive security. Here we’re looking at two areas:
- First, how the pandemic opens the door to opportunistic threats—we table the campaigns that have coincided with the pandemic and give examples of some of the underground activity we have observed. We also offer a series of recommendations on how to cope with working-from-home vulnerabilities to make sure there are no unwitting leaks.
- Second, we explore how surveillance tools are poised to welcome the age of Big Brother—the pandemic has helped catalyze huge growth in the use of surveillance technology. Some governments and businesses that have developed contact-tracing apps have experimented with digital monitoring and mobility permissions to enforce lockdown measures, using drones and digital bar codes, or facial recognition. Some businesses and schools are checking to see employees and students are working by asking them to keep their laptop cameras on.
Such measures might remain in place after the pandemic has passed, making it essential to think through their implications for data privacy and information security. As data continues to be seen as a high value, sought after commodity, security leaders should think again about how they handle it.
<<< Start >>>
<<< End >>>
Read the report to find out why I believe that by embracing adaptive security—having a secure mindset, network access, work environments and collaboration—organizations can ensure the right controls and monitoring are in place to help create a safe and secure working environment for their enterprise for the long term.
A special thanks to the following individuals who also contributed to 2020 Cyber Threatscape Report: Patton Adams, Omar Al-Shahery, Joseph Chmiel, Amy Cunliffe, Molly Day, Oliver Fay, Charlie Gardner, Gian Luca Giuliani, Samuel Goddard, Larry Karl, Paul Mansfield, Hannaire Mekaouar, Mei Nelson, Nellie Ohrand Kathryn Orme.
Read the next blog post in this series.
Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.
Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this report is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.
Copyright © 2020 Accenture. All rights reserved.