Three step process to mitigate cyber-attacks during the COVID-19 pandemic

With a majority of the organizations opting for remote working in the Middle East due to the COVID-19 pandemic, there has been a substantial increase in cyber threats as well as per a recent report by VMware Carbon Black. Ransomware attacks alone rose by 148 percent from February-March 2020, with financial firms being the hardest hit.

In order to counter these rising cyber threats, the Middle East organizations should follow a three-step process of education, testing and longtime strategizing, conclude the industry experts.

“Amid the COVID-19 coronavirus, Middle East organizations have rapidly moved to remote work – and now they need to ensure cybersecurity catches up to this ‘New Normal,’” said Praj Calthorpe, Deputy General Manager, Condo Protego, the leading UAE-based IT infrastructure and information management consultancy and solutions provider. “Government, banking and finance, and manufacturing are among the industry verticals that need to optimize cybersecurity to keep economies running.”

Firstly, organizations should assume they are being targeted by cyber-criminals. IT departments understand the threats, and they need to educate the C-suite and lines of business about how the threat landscape can imperil business continuity.

One growing trend has been the lowering barrier of entry for bad actors to deploy cyber-attacks. Cybercriminals are increasingly selling hacking services on the black market – also known as “Hacking as a Service.” Middle East organizations need to be on high alert for Advanced Persistent Threats and social engineering attacks.

Secondly, organizations should work with channel partners on vulnerability assessments and penetration testing – to identify gaps in their devices, networking, storage for cyberthreats — and then work on strategies to enhance cybersecurity. Organizations can also examine new remote work vulnerabilities due to COVID-19.

In the Middle East, Condo Protego is seeing strong demand for cybersecurity solutions from vendors such as Secureworks, RSA, and VMware.

Thirdly, Middle East organizations should work with knowledgeable and experienced vendors and channel partners to develop short-term, medium-term, and long-term cybersecurity strategies that can help an organization to face ever-evolving threats.

“Middle East organizations can find managed security services have low entry costs and can deliver major business benefits,” added Praj Calthorpe. “Organizations need to understand that cyberattacks have direct business costs, and intangible costs of reputational damage that can irreparably harm customer trust and experiences.”