Skip to Content

Cyber for the autumn of COVID: a three-part series – part 1

Capgemini
October 8, 2020

This blog is organized as a three-part series.  Stay tuned for the exciting conclusion!

Part 1:  How COVID has changed IT

Well, autumn is here. The kids are back in school, and it’s time to settle down to another season of work and family. Right? Oh yeah, except that the kids’ school is online from the kitchen table, and the office is the back room where the air conditioning doesn’t work very well. At least the weather is getting cooler. But that means flu season is coming, too …

I think we can all agree that this year has been an unprecedented experience for literally billions of people all around the world. While the handling of the coronavirus in different regions and different countries have varied greatly, very few people have been untouched by the effects of COVID-19 and governments’ efforts to slow the spread of the virus.

At work, most of us have seen firsthand significant shifts in how we work and collaborate, including the curtailing of business travel, dramatic increases in telework, and online meetings replacing in-person meetings for much of our coordination. Less obviously, we have seen “legacy” paper-based processes stressed by the need for telework, and urgently replaced with online processes wherever possible. The exciting thing here is that thanks to the digitization of the past three decades, many aspects of business have been able to continue operating, even while municipalities have been under quarantine and lockdown.  This is pretty remarkable, all things considered.

Just thirty years ago, operating a business where everyone was sitting at home and working remotely, would have been virtually impossible.

So what do we need to start worrying about, cyber-wise, now that this long, weird summer is coming to an end? In this three blog series, we will look at how COVID-19 has changed IT this past year, how it is shaping the cyber landscape for 2021, and present six key takeaways for 2021 cyber planning.

To start in this consideration, it helps to look back on the past six months and how our IT and cyber postures have shifted to respond to these extraordinary circumstances.   In response to COVID, businesses have had to quickly vacate their offices, transform their collaboration, adjust their business models, control their costs, and shift their product and service offerings to the market. IT has been at the center of many of these transformations.

ComputerWorld identifies that COVID-19 drove IT to quickly deliver on capability improvements including: “video conferencing, virtual desktop infrastructure (VDI), firewalls, network monitoring, communications systems, and collaboration tools.”  ComputerWorld reports that these efforts peaked in March and April, and then “the focus shifted dramatically to security by June, after the initial efforts to respond to the crisis were in place.”

Capgemini observes that the combination of services moving online along with employees working from home combined to dramatically increase the number of cyberattacks against organizations’ IT infrastructures. Even relatively low-tech businesses, such as retail sales, have had to embrace online technologies for employee coordination, customer outreach, and services including appointment scheduling, curbside pickup, and regulatory coordination. This pattern can be summarized as follows:

  • Increased business criticality for IT: To support employees, partners, customers, and suppliers all going virtual instead of in-person, IT systems that were once secondary have become primary and business critical. As a consequence, protection of these systems has gone from being “nice to have” to being equally critical.
  • Cyber controls may have been compromised for business expediency: At the same time that IT systems and their protection became of critical importance, compromises might have been made to meet the IT needs of the COVID-19 crisis. Compromises might have included allowing employees or partners to bypass multifactor authentication (MFA), allowing employees or partners to use personal devices to connect to corporate networks, or exposing critical internal systems to the Internet so that remote personnel could access them.
  • Cyber attacker activity continued to increase: At the same time that IT criticality increased, and cyber protections may have decreased, cyber-attacker activity picked up dramatically. In fact, a Crowdstrike survey reported that there were more cyberattacks in the first half of 2020 than in all of 2019 – a 100% increase year over year. There are many causes to these increases, including more systems being online and Internet connected, more access to corporate systems from lightly-defended home networks and personal computers, and more hackers stuck in their own homes with time on their hands.
  • Ransomware continues to be a leading cyber threat: While cyberattacks resulting in compromised information, breaches of personal information, fraud, and identity theft remain significant concerns, ransomware continues to be the principal cyber moneymaker for hackers. In 2020, we have seen ransomware attacks taking down manufacturers, school districts, and online services.

Come back soon for Parts 2 and 3, where we turn this context into actionable guidance for your 2021 planning and beyond!

To learn more about how you can better secure your organization in today’s environment watch Navigating disruption: new truths in cyber webinar on-demand

https://www.capgemini.com/no-no/us-en/resources/navigating-disruption-new-truths-in-cybersecurity/

Chris Williams

Expert in Cybersecurity strategy

I have been involved in the IT security field since 1994 with a combination of commercial and military positions.
I joined Capgemini through its acquisition of Leidos Cyber in 2018, and currently focus on enterprise cybersecurity, defense against advanced threats, and regulatory compliance strategy.  I have advised commercial clients in the Financial, Industrial, Energy, and other critical infrastructure industries, and also hold a patent for secure e-commerce technology.
I regularly advise my clients on advanced cyberdefense topics including Advanced Persistent Threat, nation-state adversaries, Identity and Access Management, and cloud solutions using SaaS, IaaS, and PaaS technologies.  I have also performed cybersecurity assessments using the NIST CSF, FISMA, FedRAMP, HIPAA, FFIEC, CSC-20, and other frameworks.
I am a frequent public speaker and have presented on cybersecurity topics at RSA, MILCOM, HIMSS, (ISC)2, ISSA, the Smart Card Alliance, B-Sides and other forums.
I have co-authored four books on cybersecurity:
Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program (Apress)
Enterprise Cybersecurity Study Guide (Apress)
Understanding Security Issues (de Gruyter)
Building an Effective Security Program (de Gruyter)
I am also a former Ranger-qualified paratrooper with the 82nd Airborne Division, and hold degrees in Computer Science and Information Assurance.