With the dramatic increase in remote work since the pandemic and COVID-19 related pandemic scams out there, it’s probably no surprise that data breaches and other cyberattacks are on the rise this year, affecting all types of data within companies, including data maintained within electronic discovery solutions. Companies have had to address security issues at the home level for many of their employees, which often have widely varying levels of home internet security environments.
Nonetheless, a recent survey by Gartner says that almost three-fourths of companies (74 percent) expect to permanently shift some employees to remote work after the pandemic, so the challenge is indefinite. With that in mind, let’s take a look at some statistics that reflect the current cybersecurity challenges and four recommendations to address those challenges.
COVID-19 Related Cybersecurity Statistics
The first step to addressing a problem is to understand the extent of the problem. So, here are some of the recent cybersecurity statistics associated with COVID-19 and remote work:
- According to Bitdefender’s Mid-Year Threat Landscape Report 2020, global ransomware reports have increased by over 715% over the first half of 2020 when compared to the first half of 2019.
- Barracuda Networks reports that the number of COVID-19-related spear-phishing attacks rose 667% from February to March this year.
- According to Tessian Research, 47% of employees cited distraction as the reason for falling for a phishing scam while working from home.
- CPO Magazine reports that half a million Zoom user accounts were compromised and sold on a dark web forum.
- According to Gartner, 52% of legal and compliance leaders are concerned about third-party cyber risks due to remote work since COVID-19.
- The search term “how to remove a virus” increased by 42% in March on Google.
- IBM reports that remote work has increased the average cost of a data breach by $137,000 and that 76% of remote workers say working from home would increase the time to identify and contain a breach.
IBM also reports that the average time to identify and contain a breach is 280 days! This means that some data breaches that may have occurred when your workers began working remote haven’t yet been identified!
Recommendations for Addressing Increased Cyber Challenges
Here are four things your company can do to reduce the risk of becoming one of the statistics cited above:
- Implement a Robust Backup and Recovery Program: With ransomware attacks up over seven times compared to 2019, it’s more important than ever to have a robust program for backing up your company’s data. This also means extending backup and recovery processes and procedures to remote workers. There continue to be more stories of businesses shut down for days because of a ransomware attack. Don’t be one of them.
- Require Multi-Factor Authentication Wherever Possible: Stolen credentials are one of the easiest ways for hackers to gain access into important systems. Enabling two-factor or multi-factor authentication effectively eliminates the risk that stolen credentials will be harmful. Hackers can steal credentials remotely, but unless they have also stolen the mobile device to receive the authentication text, those credentials will be worthless and your system will remain safe.
- Select eDiscovery Providers with Remote Work Experience: Some eDiscovery providers had to scramble when the pandemic forced so many of us to work from home, but others have conducted remote work for years and have already worked the issues out that other providers have struggled with. Ask your provider detailed questions about their remote work experience, including how long they have had a remote workforce, what security mechanisms and protocols they have for remote work and what their backup/recovery and multi-factor authentication capabilities are.
- Look to the Cloud for Answers: The move to “the Cloud” has already been happening in a big way for several years now, but the importance and value of cloud-based and managed services solutions is even more important during the pandemic. Usage of Zoom has grown from 10 million daily users to 300 million since the pandemic began and Microsoft Teams users have tripled. Cloud-based and managed services eDiscovery solutions enable companies to address many of the challenges associated with remote work environments by providing a secure environment to host your sensitive data. When considering cloud-based and managed services solutions, look for providers that are ISO 27001:2013/17 certified and audited as that is the current internationally recognized standard for security for hosted solutions.
Addressing the recommendations above can enable your company to address remote work challenges during the pandemic and beyond, while avoiding becoming another cyberattack statistic.
For more information regarding Cimplifi’s Certifications & Compliance Initiatives, click here.