fbpx
Connect with us

News

The true effect of the pandemic on business cybersecurity

Avatar photo

Published

on

A total of 27,887 cyber attacks took place throughout the pandemic – heightening concerns that businesses in health tech and beyond will remain a major target. 

The effect of the COVID-19 pandemic on organisations’ cybersecurity has been highlighted in a new report. Data from Cyphere shows that as more businesses adapted to the pandemic with changes such as going remote, the total number of cyber security vulnerabilities increased significantly – peaking in 2021, at 20,157. 

Throughout the pandemic, there were 11,145 high-risk exposures and 1,602 vulnerabilities determined as a “critical risk”.

Having compared the figures to pre-pandemic, concerns were raised about the impact of COVID on cybersecurity and how a rise in digital transformation may bring with it a high cost. 

A shift in cyber protection

The number of security exposures has steadily increased over the past four years. Until 2017, the figure had never reached 10,000 but less than five years later had doubled to over 20,000 security bypasses.

It signifies a huge shift in cyber protection, with the rise in cyber risks putting users and businesses at risk of data hacks.

They also examined the severity of the susceptibilities, they did this by using the CVSS (Common Vulnerability Scoring System) to determine whether the exposures were low, medium or high risks.

2021 saw the highest total number of exposures, with 20,157 across 12 months. 

Harman Singh from Cyphere commented: “Digital and advanced transformations before and during the pandemic forces businesses to adopt digital solutions, at times bypassing standard approvals and change procedures. 

“This is one of the added factors to the rise in cyber attacks.

He added: “Although there has been an increase in total vulnerabilities year on year basis, there are two ways to look at it – good news and bad news. There has been a decrease in critical risk vulnerabilities in 2021 compared to peak Covid months in 2020. 

“Bad news is it’s not just the numbers we need to look at, but looking at the impacted services is a worrying factor. It includes email, internal and external services of a corporate network including remote connectivity solutions such as VPN, security gateways.”

Organisations urged to act

He continued: “This is why organisations should look into vulnerabilities more than just a CVE (Common Vulnerabilities & Exposures).

These factors include exploitation in the wild, data sensitivity levels related to the affected service and potential impact. 

“Keeping the practical context in mind helps security teams analyse large amounts of vulnerabilities in an efficient manner. This reduces the noise that sometimes consists of just CVE scores but are practically complex attacks or have complex dependencies before an exploit takes place.

“It underscores the importance of regular assessments such as penetration testing, vulnerability scanning and management and incident response preparation. 

“Organisations should adhere to strong basics with a proactive approach towards security, utilising the industry expertise to stay on top of ever changing threat landscape.”

Healthcare & cybersecurity 

Hackers are not only targeting private businesses, but the National Healthcare System, which has recently made the headlines for a ransomware attack affecting major services. 

The NHS was been urged to up its security spend or face huge consequences, with warnings that they are “sleepwalking into a cybersecurity disaster”

 Read the full story here.

Continue Reading
2 Comments

2 Comments

  1. Pingback: Health systems “unfit to cope” with another pandemic, research shows 

  2. Pingback: How health tech founders can lead in a downturn

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending stories