Intelligent CIO APAC Issue 1 - Page 40

FEATURE: CYBERSECURITY The COVID-19 pandemic has resulted in many changes in the working world. Vladimir M. Yordanov, Senior Director of Solution Engineering, Gigamon Asia Pacific, explains the cyberthreats which organisations now face and how to tackle them. So, what can we expect on the cybersecurity front for the rest of 2020? How can organizations and businesses prepare for the new tomorrow? What challenges and attack types should they be ready for? It is important to understand that with cyberattacks, the size of the organization does not matter. According to the 2019 Verizon Data Breach Investigations Report, 43% of all breaches involved small businesses. Following a review of cybersecurity threats that potentially target businesses, my company has compiled a list of the types we are most likely to see over the next year. COVID-19 is having a dramatic impact on people’s lives, families and communities, across the world and throughout Asia Pacific. Organizations and businesses are affected and having to adapt by changing the way employees work and collaborate; offices are closed, people are working remotely and services and applications have been shifted to the cloud. Dependence and reliance on remote access and communications increased dramatically overnight. All these changes have brought new cybersecurity challenges and risks. Yet the situation is hardly a precedent. Cybersecurity has captured the headlines and been a focus for governments, organizations and business for years. Back in 2007, researchers at the University of Maryland conducted a study on threat activity and concluded that hackers across the globe were launching attacks every 39 seconds. Thirteen years later this figure is even higher. • Attacks on remote worker environment and endpoint security – Remote workspace and endpoint security is one of the top concerns of CISOs today. Remote workers often work with minimal security, missing out on the layered and sophisticated cybersecurity defences that the corporate office provides. In addition, most end-users are not cybersecurity savvy and lack the assistance of office InfoSec support. So, they often miss the signs that indicate potential phishing attacks, common cybersecurity threats or an indication of compromise. • Phishing attacks – Since the pandemic struck, phishing has increased 600% while nearly 78% of cyber-espionage incidents in 2019 were related to phishing. Cybercriminals generally use phishing to steal employee usernames and passwords which enable attackers to masquerade as a legitimate employee and manoeuvre undetected through a company’s networks – either on-premises or cloud. APAC cyberthreats: Security needs to emulate process and risk management 40 INTELLIGENTCIO www.intelligentcio.com