Best practice makes perfect: malware response in the new normal

Cyber security teams already confessed to being overworked before COVID-19 – battling simply to keep their heads above a constant tide of security alerts, across numerous tools and reports. High-profile security breaches, with malware at their root, were a seemingly weekly occurrence. The financial and reputational damage that followed was often as hard to recover from as the attack itself. It comes as no surprise that some businesses have resorted to simply paying off cybercriminals.

The effects of the COVID-19 pandemic are an added burden on top of the cyber risks that security operations center (SOC) teams are battling. The massive rise in the number of employees working entirely from home, outside the traditional secure office environment, is testing pre-conceived notions of how to work safely and securely.

Computing surveyed around 150 cyber security decision-makers, representing organizations from a wide variety of industries, including education, finance, technology manufacturing, and the public sector, to gain a detailed picture of the challenges facing security teams in the modern environment.

Our objectives were to explore how SOC professionals were reacting to the rise in remote working, especially the increased susceptibility of employees to malware attacks; to identify how such attacks have changed in terms of scale and sophistication; and to examine the importance of quickly isolating and remediating an attack. The research also looks at how to secure their organizations after the pandemic.

Key findings

  • The scale and sophistication of cyberattacks continue to climb, with 69 percent of respondents indicating that malware attacks against their organization had increased in the past two years. Nearly three-quarters said that such attacks had also become more sophisticated.
  • Cybercrime is becoming more professional. Help desks exist, and anyone can buy a basic exploit kit. At the same time, criminals are becoming more adept at targeting critical parts of an organization.
  • Security professionals widely accept that their organizations will, at some point, suffer a breach, and more than 80 percent say that malware remediation is just as important as prevention. However, only 17 percent were very confident in their ability to effectively respond to an attack.
  • 82 percent say that remediation is just as important as prevention in an effective response strategy – but only 17 percent were very confident in their organization’s ability to recover quickly from a malware attack.
  • Remote working has undergone a massive surge in the COVID-19 crisis, and 89 percent of companies we surveyed had increased their instances of remote working. Nearly three-quarters had more than half of their employees working remotely at the time of our survey.
  • The effects of COVID-19 on business have exposed new vulnerabilities to attackers. More than half of organizations had seen malware attacks playing on fears around COVID-19, and 44 percent said they were more susceptible to malware as a direct result of the increase in remote working. Many organizations – more than 60 percent – have changed or are changing their cybersecurity strategy to account for this.
  • Anti-malware, VPNs, and employee training – versatile, simple and cost-effective techniques – are the most popular security tools used to protect remote workers. More expensive and complex techniques, like SD-WANs and dedicated work-only networks, were much less common, but will probably rise in popularity if the remote working trend continues – which most firms expect to be the case.
