Cyber Security in the Pandemic & Remote Work Environment

As the COVID-19 epidemic crept throughout the world, most firms made a swift shift to a remote workforce and a more intensive concentration on providing consumers through digital channels. The consequence was a dramatic increase in the need for digital resources. When it came to defending the company and its customers, cybersecurity personnel were also largely effective in their dual task of ensuring business continuity.

The increased reliance on digital solutions to the COVID-19 dilemma has resulted in further security flaws. Insecure devices and networks used by remote workers present an opening for attackers. Individuals anxieties about COVID-19 being exploited by threat actors using traditional attack methods. In April, for instance, Google recorded more than 18 million malware and phishing emails connected to the new coronavirus on its service daily. According to the research, more than a dozen government-backed organizations employ COVID-19 themes.

The COVID-19 epidemic and its response have had far-reaching effects on the economy and trade. These are altering essential elements of the corporate environment, from digital strategy to operational and enterprise risk appetite. The fundamental nature of employment, as well as the design of supply chains and relationships between businesses and authorities, is undergoing radical transformations. According to a McKinsey poll of digital attitudes, most professional working from home does not want to return to the office anytime soon. Seventy percent of respondents said they would consider a company's policy on remote work while looking for new employment. It's common to hear these kinds of comments from customers: 75 percent of responders using digital channels due to COVID-19 indicate that they will continue to do so.

To effectively prepare for the next phase of business, CISOs and their teams must adopt a twopronged strategy. They must first get the necessary technologies to meet the new hazards that have arisen with the advent of distant digital labor. To effectively engage and incorporate security by design, they will also need to anticipate the next normal: the interplay between their staff, consumers, supply chain, channel partners, and sector peers. It must also examine the new environment of evolving customer and staff behavior and a continually moving danger landscape.

Security's importance in allowing remote activities during and after a crisis was highlighted by the reaction to the pandemic. As firms reinvent their processes and restructure architecture within the COVID-19 reaction, cybersecurity teams are being regarded afresh. They must go from being perceived as an impediment to development to being valued contributors to IT and business strategy.

Managing Dangers And Shoring Up Successes

Cybersecurity executives responded to the crisis by identifying and eliminating hotspots, correcting and cleaning up operations, and reinforcing incremental digital advantages as businesses switched to new processes and technology. Efforts in each area co-occur and are continuing. Cybersecurity teams may only just be reaching the stage where they are strengthening first incremental wins; they may also have to reassess earlier efforts when new technology or procedures are implemented. Some of the insights that businesses and cybersecurity authorities have shared with us in three areas are detailed below.

Identifying Problem Areas and Eliminating Them

Security teams have had to quickly address operational processes and technological gaps caused by the pandemic response and the subsequent trend of workers working remotely from less secure venues and, in many cases, with less safe personal equipment. Leaders have had to conduct virtual all-hands meetings, handle employee training needs, and encourage staff to practice good digital hygiene by applying security patches and upgrading mobile apps.

By providing all call-center employees with Wyse thin-client terminals for secure remote connections, a primary financial services provider could quickly serve its distant workforce. Virtual private network (VPN) split tunneling and firewall upgrades helped fix early bandwidth and performance problems. The corporation also enabled remote patching to all end-user devices by updating all its AnyConnect remote servers.

In another situation, a big bank modified various security rules in reaction to the COVID-19 incident. The firm increased the frequency of its awareness ads (with pandemic-themed content) and saw a 95 percent increase in click rates during monthly antiphishing testing. The company has instituted a 30-day schedule for essential fixes and a ban on using USB connections.

Maintenance, Cleanup, and Repair Work

Many businesses had to lower their safety standards when responding to the epidemic to keep operations running temporarily. Companies reassessed these remaining risks as workers and consumers adjusted to the new procedures and implemented stricter controls.

Keeping up with the increasing popularity of cloud-based collaboration tools, one significant telecoms provider, for instance, hastened the release of new cloud-aware monitoring features inside its security-incident and event-monitoring (SIEM) product. It also evaluated its security and monitoring procedures for third-party providers to double-check previously loosened reinstated limits.

Similarly, during the transition to remote work, a big bank performed threat modeling on the new collaborative tools its staff had utilized, including illegal tools. The bank also implemented new security measures or swapped out obsolete items according to predetermined risk limits.

Reinforcing Safety Improvements

Companies began establishing processes for remote work settings and exploring technology to prevent long-term risk as employees become accustomed to working from home.

Some businesses have instituted new measures to safeguard their customers and reduce the possibility of fraud. A major financial institution has rolled out biometric and device-based verification for high-stakes digital transactions across more mission-critical channels. In addition, the bank has hastened the rollout of a cutting-edge fraud-detection system that uses artificial intelligence. Rather than spending hours doing so, you may evaluate incoming transactions in 300 ms or less.

Another example is a national insurance provider that revised its rules and practices to incorporate the safety precautions necessary for remote employees. Implemented a new policy and standard to reduce the possibility of hackers gaining access to the system via unprotected personal printers. All workers were prohibited from using remote printing using their printing equipment unless in recognized business instances.


With the first phase of the pandemic under control, chief information security officers (CISOs) are moving their focus to predicting how new conditions may influence the corporate environment. They are adjusting their current cybersecurity practices and long-term cyber risk strategy to account for these anticipated changes.