... News ... Blog ...

Business information security in lockdowns & post-pandemic recovery

Business information security in lockdowns & post-pandemic recovery
DEAC | 07.07.2021

COVID-19 hit numerous industries, but the data centre market remained in favour. According to various studies, revenue for 2020 increased by a quarter. The massive transition to remote work and widespread self-isolation exacerbated information security iassues, as well as revealed a new layer of users who were forced to encounter online space and were just beginning to digitalize their communication, entertainment, shopping and other vital aspects. In this regard, cyber defense issues will remain especially relevant in 2021. The trend is also facilitated by the tendency to maintain remote jobs during the post-pandemic recovery period.

Scammers working in the IT field carefully monitored all news feeds throughout the past year that helped them identify current trends and interests of society. The so-called APT groups create malware and offer it as a service, conduct their own examination of weaknesses in IT protection, which allows you to steal the necessary data and monetize them. Cyberspace fraud has become a profession. At the same time, most often attacks are carried out on the following types of objects. 

  1. State services that allow citizens to receive benefits and subsidies.
  2. Banking sector websites and applications.
  3. Infrastructure of the companies specializing in information security.
  4. E-commerce.
  5. Public digital services.
  6. IoT platforms.
  7. Medical systems. 

The interest of APT groups in these industries will continue in 2021. Therefore, companies have to defend themselves against emerging threats using a new strategic approach to ensuring information security.

Business information security in lockdownBy developing IT transformation, enterprises must differentiate between information technology and information security. Organizations that faced frequent attacks on remote workplaces began to adhere to this strategy. Now employees of IS departments are out of control of IT departments, they began to report directly to the general directors, and the department itself has received a real budget. While the information security sector was funded on a residual basis before the pandemic, the situation has now changed fundamentally. Together with the budget, IS department began to receive their own risk management programs. When developing the latter, it is important to take into account not only real threats, but also possible force majeure situations, for example, when an urgent mass transition to remote jobs is required.

Research shows that the market is coming to the realization that the main task of the IS service is to quickly detect the actions of low violators. Therefore, in the coming years, the tasks of forming new types of security centres will come to the fore, and specific indicators will begin to appear in service contracts that guarantee protection from damage caused by fraudulent actions.

Mobility and Security: can the balance be achieved

Business users appreciated the capabilities of modern technologies. Today there are all the necessary solutions that allow you to leave the office without interrupting your work activities

However, smartphones and tablets are often stolen, they are easy to lose, which means that there is a high risk of leakage of confidential security. In order to minimize possible negative effects, it is important to comply with certain conditions for integrating mobile devices into the work of the enterprise.

  1. Staff should be trained to comply with information security measures when resolving production issues from their tablets or smartphones. 
  2. The enterprise needs a uniform regulation for the protection of mobile devices. 
  3. IT and the IS landscape should contain a set of technical tools for ensuring cybersecurity (MDM class solutions, antivirus, NAC, encryption and password protection of traffic during transmission through VPN, communication channel protection tools and much more). 

Before developing a cybersecurity policy, it is important to determine who and when mobile access will be provided, as well as a list of resources, platforms used to solve production problems. At the same time, you need to assess the possible risks, negative consequences from the leak of confidential information and insider attacks.

In modern realities, much attention should be provided to IB issues, but digital transformation projects also cannot be discounted. Today, typical IT solutions no longer guarantee a significant competitive advantage, since they are available to many market players. A key factor in improving business efficiency is to maintain its adaptability to rapidly changing conditions.

Our data centers has many successful business cases in its portfolio, at the core of which lies the security of customer data. Sign up for a data protection consultation with DEAC IT experts and let cyber risks become our concern.