Cybersecurity

COVID-19 has disrupted cybersecurity, too – here's how businesses can decrease their risk

cybersecurity cyber security risk cyberattack how to digitisation digital transformation covid-19 pandemic crisis virtual schools robotics healthcare retail

How leaders should approach cybersecurity in the post-COVID world. Image: Markus Spiske/Unsplash

William Dixon
Global Head, Research, ISTARI
Maninder Singh
Corporate Vice President & Global Head, CyberSecurity & GRC Business, HCL Technologies
Share:
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:

Cybersecurity

This article is part of: Centre for Cybersecurity
  • COVID-19 is accelerating the digital transformation of business, especially retail, education and healthcare.
  • Rapid, unplanned digitisation increases the risk and impact of cyberattacks.
  • Leaders should take a systemic approach to cybersecurity in three phases.

COVID-19 is changing everything. Along with social distancing, obsessive sanitisation, broken supply chains, fragmented workforces and the rise of video meetings, the pandemic is driving acute systemic changes in consumer and business behavior. These changes are causing an outbreak of new and unanticipated business moments. The resolve to transform is palpable.

Businesses know they must rapidly innovate, take advantage of new digital tools and leverage cloud services to emerge from the crisis ahead of their competitors with momentum for the long-term transformation of their business in the altered global landscape.

This innovation is good news, but it is coming at a cost. As digital spreads its roots deeper, it also increases the risk and impact of cyberattacks.

Have you read?

The World Economic Forum’s COVID-19 Risks Outlook found 50% of enterprises were concerned about increased cyberattacks due to a shift in work patterns alone. These concerns are merited. Hasty and unplanned decisions related to digital transformations will add substantially to the spate of cybersecurity issues.

Most worrisome risks for your company after COVID-19
Half of businesses are concerned about cybersecurity due to the shift in working patterns. Image: World Economic Forum

Cybersecurity matters even more given the increased dependency on digital infrastructure to ensure collective resilience. Many of the industries which are transforming serve critical functions – and a break in their supply chains could affect the movement and availability of life-saving drugs, components, equipment and raw materials.

The COVID-19 pandemic is driving technological transformation in three key areas – and there are three steps leaders must take to secure them.

3 key technological transformations facing cyber risk

Technological transformation will continue during the pandemic and long after. The challenge for global security is that this large-scale, unplanned digitisation is supported by nimble but relatively immature business models and operations.

We see this in three key transformations:

These three trends represent a revolution in terms of how people connect to resources, creating an even more connected world. But they are also low-hanging fruit for cybercriminals. This is especially true because, at an ecosystem level, cybersecurity resources are still not available at scale, and remain concentrated in the most well-resourced and mature markets.

3 steps leaders can take to address cybersecurity challenges

Leaders must start taking a systemic approach to security while also transforming their businesses.

For leaders tasked with securing their businesses from both market forces and cyberattacks, the approach needs to be timely and staged in three phases:

  • Immediate Term (0 to 3 months): Offices are empty, and businesses and employees are adapting to the new mode of working. To keep enterprises running, businesses must secure remote access and collaboration services, step up anti-phishing efforts and strengthen business continuity. Businesses need to establish a culture of robust cyber hygiene, by providing resources to the workforce and managing access and monitoring activity on critical assets.
  • Near Term (3 to 6 months): Not all organisations understand their security posture and the effectiveness of security controls. As a result, they don’t make the right decisions or prioritise the correct actions, which leaves the enterprise open to attack and compromise. Securing end users, data and brand is the next priority. As the number of cybersecurity threats has increased, chief security officers and their teams are also benefiting from an increase in prioritisation. Budget rebalancing will be inevitable as other projects are put on hold to safeguard organisations and invest more in security.
  • Medium to Long Term (12 months): Cybersecurity strategists should now think longer term, about the security of their processes and architectures. They should prioritise, adopt and accelerate the execution of critical projects like Zero Trust, Software Defined Security, Secure Access Service Edge (SASE) and Identity and Access Management (IAM) as well as automation to improve the security of remote users, devices and data.
Discover

How is the Forum tackling global cybersecurity challenges?

COVID-19 is changing the technology culture and infrastructure of every medium-sized and large organisation faster than any known event or phenomenon. This means changes will continue coming – and hackers will continue to target our growing dependence on digital tools. Businesses that focus on a return to “near-normal” will be investing time, effort and money in a battle long lost.

The pandemic presents an opportunity for full-blown innovation, a dramatic shift in perspective and the adoption of safe and resilient operating processes. The intensity and emphasis an organisation brings to its cybersecurity strategy will determine if the opportunity adds to bottom lines – or turns into a business disaster.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Related topics:
CybersecurityFourth Industrial RevolutionHealth and Healthcare Systems
Share:
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Safeguarding central bank digital currency systems in the post-quantum computing age

Cameron Nili, Tom Patterson and Carl Dukatz

May 21, 2024

1:06

About Us

Events

Media

Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum