The COVID-19 pandemic has created a number of issues concerning public health and safety. At the forefront of peoples’ minds are genuine concerns surrounding the transmission of the virus, its strain on health care systems, and the impact it has on the economic, societal and mental wellbeing of citizens.
One of the main impacts of COVID-19 has been the requirement for a host of office employees to start working from home. This has brought with it a range of problems for information security. Complex information technology (IT) systems are usually designed with a particular architecture in mind and, more often than not, these do not normally include a host of remote workers – especially in critical infrastructures. Accessing organisational IT systems on computers (sometimes even personal) through home or other external network connections can threaten the cybersecurity resilience of an organisation.
Europol have kept abreast of the altered cybersecurity landscape through a recent report, which describes how attack vectors have evolved as a direct response to the pandemic. Not only is the general attack surface now larger due to the interaction between normally secure systems and those that are not in the direct control of the systems administrators. There is also considerable evolution of the types of attacks, their purpose and theme, as well as an evolution of the people that are now being targeted. Additionally, the vulnerability of the human element in the cybersecurity architecture of an organization is harder to protect outside of its premises.
The financial sector
While the financial sector has similar cybersecurity concerns to any other, it is also clearly defined within Europe as one of the “critical sectors”. This means that operations and information flows in the financial sector are of key relevance for the continued secure and efficient operation of the European Union. Any cyberattack on the sector has the potential for causing considerable harm to both societal and economic cohesion.
In recent communications, the European Central Bank outlined how COVID-19 placed additional demand on IT infrastructure, with vigilance required now more than ever to ensure appropriate safeguards and security measures remain in place. While banks also activated backup offices to ensure the continuity of their activities, more and more employees transferred their workplace to their homes. In reality, this has meant that employees have had to become more aware of specific cybersecurity attacks such as phishing, social engineering, and spoofing. Employees have had to understand how virtual private networks and robust and strong encryption are crucial to ensuring secure communication between their computer (located at home) and their organisation’s IT infrastructure. Employees have also had to ensure that they are more than ever aware of security practices regarding password creation, storage, information sharing, and even in some cases have to become especially vigilant with files and links that are sent to their home computers (which are often on the same home network as their work computers).
How SOTER can help
One of the main goals of the SOTER project is to create a competence catalogue and training manual for the financial services sector. Its goal is to ensure employees become more aware of the ever-changing cybersecurity landscape; become more aware of what a cybersecurity attack actually looks like in their sector, but also to help employees develop new skills and knowledge about how cybercriminals target employees and organisations that are not as aware, or vigilant, with their cybersecurity defence as others.
SOTER also emphasizes the key importance of the overall organizational measures for improving cybersecurity. Even the most aware and competent employees can fail to react properly towards cybersecurity threats if they are not given enough resources and support structures within the organization.
As COVID-19 starts to dissipate, and we all start returning to work, there will be some organisations that will have learned that their employees are more efficient and happier working from home. Some organisations may find that letting their workers work remotely may reduce costs and increase employee retention. This may mean that remote work becomes even more prevalent than it was before. As COVID-19 (hopefully) starts to become more of a memory than an ever-ubiquitous concern, organisations may understand that keeping their IT systems safe and secure is even more of a composite of system and human. With that in mind, they may wish to equip their employees with the knowledge that can help them become more resilient from an ever-changing cybersecurity landscape.
Achieving cybersecurity resilience is not a one-time goal. It is a continual challenge where the levels of competence and organizational processes need to be kept up to date on a regular basis. This is where SOTER comes into play.
Robin Renwick, Trilateral Research
Martin Griesbacher, RISE