Cybersecurity in the Year of COVID-19: A Recap

By Editorial Team | December 18, 2020

2020 was one of the most unpredictable years in the history of cybersecurity – and also one of the most vulnerable. We saw spikes in cyberattacks against remote workers, online classrooms, and workplaces as networks expanded due to a widespread shift to telework – something that nobody could have fully anticipated or prepared for. CISOs had to rapidly adjust their security strategies to these increased threats and new work realities, with little room for error. 

There have been ups and downs, but no tough moment comes without a much-needed lesson learned. With that in mind, here is a recap of some of the most important cybersecurity lessons in 2020 that CISOs can (and should) learn from. 

Common Threats Gain New Life

There were two main effects the pandemic had on work environments in 2020 that led to increased phishing and malware attacks. The first was the increase in employees working from home, often on personal devices with minimal security. The second was that human emotional vulnerability, which phishing attacks have long relied on, was amplified by stressors related to the pandemic and the shift in the work environment. The 2020 Remote Workforce Cybersecurity Report showed that nearly two-thirds of respondents saw an increase in breach attempts, with 34% of those surveyed having experienced a breach during the shift to telework.

Unsecured Home Networks: Within the confines of a corporate office, company IT infrastructure can be more easily safeguarded against threats. But more people working from home introduces personal computers, tablets, and phones, as well as various internet of things (IoT) devices on home networks into the larger corporate network. This creates a host of vulnerabilities bad actors can exploit that they did not previously have access to. Because of this, “[CISOs have] suddenly [found] themselves seated at the table and involved in decisions that have become more and more strategic,” explains Fortinet CISO, Alain Sanchez. “They are having to coordinate a culture of security throughout all departments of the company, including advising the CEO and the Board.” 

Social Engineering: Phishing has long relied on social engineering tactics geared toward exploiting the weakest link in a network – humans. Appealing to intense emotions makes it much more likely that someone will click on a link that leads to a malware attack. In addition, cyber criminals are now making use of basic artificial intelligence (AI) and machine learning (ML) to refine their traditional “spray and pray” tactics. By measuring which types of attacks, which messages, and which links and attachments targets were more likely to click, cybercriminals have been able to modify and optimize phishing emails to ensure maximum impact. 

Reflecting on Critical Cyberthreat Trends from 2020

A recent Global Threat Landscape Report from FortiGuard Labs illustrates many of the trends that have emerged or shifted so far this year. While the pandemic is identified as a driving factor, other new threats have emerged as well. Key takeaways for CISOs include:

  • As mentioned previously, the coronavirus led to pandemic-themed phishing attacks and scams that employees should be made aware of.
  • Web-based malware used in phishing and other attacks also increased. While this was on the rise prior to the pandemic, as more people surf the internet from home devices these types of attacks are gaining a stronger foothold.
  • Consumer-grade routers and IoT devices were a common point of exploitation due to an increase in employees working from home and connecting to the enterprise network from personal devices.
  • Currently, 2020 is on track to shatter the record for disclosed vulnerabilities, though the ratio of vulnerabilities with active exploits still remains low.

Solutions for Structuring a Secure Telework Business Model 

Just as COVID-19 shows no sign of going away anytime soon, neither does working from home. In fact, Global Workplace Analytics predicts that telework will remain a trend even after the pandemic subsides due to the flexibility and convenience it provides. Because of this shift, Fortinet CISO Courtney Radke notes that CISOs must work to “understand [their] new traffic patterns, set new baselines, and build new alerting and reporting guidelines” to keep their workforce secure. 

As such, lessons learned during the early days of the pandemic can inform solutions for secure telework moving forward. In addition to critical baseline solutions many teams implemented when remote work first became widespread in 2020, CISOs should plan for additional security solutions in their 2021 strategies. These include taking the following measures: 

  1. Multifactor authentication (MFA) provides another layer of protection as it requires additional verification of end-users. One method for achieving multifactor authentication is through the use of a hardware- or software-based token, which features a time-based password generator. The identity of end-users can also be established using a tool that provides access management and single sign-on.
  2. Endpoint detection and response (EDR) is another critical security factor that provides proactive identification of threats on endpoint devices. EDR systems actively monitor data in real-time, identifying threat patterns and automatically responding. Advanced EDR solutions not only respond automatically to incidents but also utilize AI-based technology to predict and prevent threats. 
  3. Particularly useful for networks with IoT devices, network access control (NAC) allows users to view all devices on a corporate network and control them using dynamic and automated responses. This enables the network to quarantine or simply refuse access to non-compliant devices and also provides critical access controls for businesses whose users need to work from home on personal devices, providing a scalable solution that simplifies the onboarding process for remote users.
  4. With a Secure SD-WAN solution, companies can rapidly and securely choose the best communication path for their users at any given time. This strategy supports the changing communications patterns of remote workers, especially as telecommuting becomes more commonplace.

Create a Human Firewall by Educating Remote Workers 

While implementing a robust security strategy may lay the foundation for safe remote work, it is important to note that the human factor has long been the weakest link when it comes to protecting against phishing and malware attacks. This is of particular concern now: Not only has the pandemic led to heightened fears and emotions that are easily preyed upon using these techniques, but with so many new people working from home, especially those also seeing a huge increase in messages from company leadership, it has become increasingly difficult for users to determine whether or not an email is legitimate.

“Phishing is the unfortunate gift that keeps on giving, and it has become even more sophisticated,” says Joe Robertson, one of Fortinet’s Field CISOs. One of the most important tools in combatting phishing is an educated workforce. By prioritizing cyber awareness training, creating partnerships between security teams and other departments, and establishing easy-to-follow best practices, CISOs can help their employees understand their impact on cybersecurity within the enterprise and provide them with the tools and training they need to protect themselves and the organization.   

Information security awareness training can help CISOs ensure their employees become more cyber aware. Building a human firewall by sufficiently training remote workers creates a critical line of defense against attacks. “By prioritizing training and collaboration between departments and the security team, CISOs can lay the groundwork for a strong culture of security. Identifying suspicious behaviors, keeping devices up to date, and practicing safe cyber behavior should be built into the fabric of all job roles to ensure that the human firewall continues to stand firm,” says Fortinet Deputy CISO Renee Tarun.

“By prioritizing training and collaboration between departments and the security team, CISOs can lay the groundwork for a strong culture of security. Identifying suspicious behaviors, keeping devices up to date, and practicing safe cyber behavior should be built into the fabric of all job roles to ensure that the human firewall continues to stand firm.” – Fortinet Deputy CISO Renee Tarun

Building a Culture of Security

The shift to remote work has created a more complex security landscape that will require significant focus and resources moving forward. According to Robertson, “One of the biggest tasks ahead for CISOs in the coming months and years is going to be to work closely with other parts of the organization to instill a real culture of security.” Adaptability, innovation, and open minds are key.