The Knowledge Hub of IMD
Share
FacebookFacebook icon TwitterTwitter icon LinkedInLinkedIn icon Email

Technology

Cyberthreats are expanding rapidly in the wake of the pandemic

Published 8 June 2021 in Technology • 4 min read

It can be hard to keep up with the rapidly changing landscape surrounding digital technology, but it is critical that we do. As executives have ramped up their digital adaptations to cope with the challenges posed by COVID-19, many are falling behind in terms of securing their digital data and systems. 

A disturbing trend has been growing in the headlines over the last year. From the long list of security victims growing out of the SolarWinds cyber hack in December 2020 to the crippling ransomware attack on the Colonial pipeline in the United States in May that caused disruptions across that country, it seems that our increasingly online world has caused an already existing problem to balloon. 

At an online event hosted by the Swiss-American Chamber of Commerce in cooperation with IMD, Öykü Işık, Professor of Digital Strategy and Cybersecurity and Program Director for Digital Ethics for Boards at IMD, joined Johan Gerber, Executive Vice President of Cyber and Intelligence Solutions for Mastercard and Samuele Ghelfi, Global Head of Information Risk Management and Chief Security Officer at Novartis to discuss the new threat landscape in the cybersecurity world post COVID. 

 

Digital transformation has exposed gaps in IT security 

The pandemic has been a large catalyst to the pace of digital transformation amongst companies. According to IMD’s 2021 Digital Vortex Report, between April 2020 and January 2021 the number of executives who said they were accelerating their transformation increased from 68% to 83%.  

 

However, there continues to be a clash between cybersecurity function in organizations and digital initiatives. Organizations appear to be failing to include IT security properly in their digital transformation processes. In a recent report by Ponemon, more than 80% of executives said they experienced at least one data breach as a result of digital transformation. Budgets for securing data during digital transformations are also inadequate across a vast majority of organizations. 

The pandemic has forced companies to shift their resources and priorities as the number of people working from home skyrocketed and their approach to threats had to evolve. For instance, where it used to be reasonable to use blunt controls such as ‘no printing from home’ now they have to allow finer controls such as asking what is getting printed, why and how often. Cybersecurity is also getting much more attention from boards who are now really listening with open ears. It’s not surprising because the frequency of attacks is also expanding drastically. 

 

The rise of cyber extortion 

One of the major shifts that has occurred since COVID is that cybercrime is really shaping up to be an industry that is well organized and booming business. These attacks aren’t coming from a few loose groups of hackers causing trouble out in cyberspace, they are very professional groups with business models. It is important to understand this when the time comes to have to deal with them. 

 

AI is complicating the landscape 

“AI has been super beneficial in the way fraud detection systems are being evolved especially in the financial services industry, but AI is used on the other side of the fence as well,” cautions Işık. Some of the ransomware strains that have been released have used AI to morph certain parts of the application that makes it extremely difficult to crack and create a ransomware solution for, so we are playing a bit of a catch up game in some instances. 

During the AMCHAM event, participant questions reflected the anxiety experienced when one begins to consider the enormity of the problem. Indeed, the World Economic Forum’s Global Risk Report places cyberattacks next to natural disasters in terms of likelihood of occurrence and impact on the world. 

 

There are actions executives can take 

Işık points out that although a cyberattack is probably going to be a reality for your organization at some point, there are things you can do to prepare. She suggests asking these questions to your Chief Information Security Officer to make sure your company is prepared: 

  • Do you have an incident response plan? If you one day realize you have been attacked do you know the first steps to help minimize the incident? 
  • Have you prioritized your assets? Consider whether you have experts that you employ or can easily call in the event of an incident. Also do a realistic review of the budget. Are you diverting funds that could be better applied to securing your technology. As important as it is to invest in technologies it is also important to invest in our response handling processes 
  • Which prevention methods are you investing in? Consider hiring ethical hackers who can try to see what your vulnerabilities are so they can figure this out before organized crime does. 
  • Have you had a conversation with your cloud service providers? It is important to understand their perspective and approach to data security or infrastructure and make sure it compliments your company’s approach. 

Finally, keep in mind that while the situation may seem daunting, this is not an insurmountable problem. By having a sensible response plan, increasing cyber hygiene and allocating resources effectively there is a lot we can improve upon in response to cyber threats. 

Expert

Öykü Işik

Professor of Digital Strategy & Cybersecurity

Öykü is Professor of Digital Strategy and Cybersecurity at IMD. Her research focuses on digital resilience and the ways in which disruptive technologies challenge our society and organizations.

Related

Learn Brain Circuits

Join us for daily exercises focusing on issues from team building to developing an actionable sustainability plan to personal development. Go on. They only take five minutes.
 
Read more 

Explore Leadership

What makes a great leader? Do you need charisma? How do you inspire your team? Our experts offer actionable insights through first-person narratives, behind-the-scenes interviews and The Help Desk.
 
Read more

Join Membership

Log in here to join the conversation with the I by IMD community. Your subscription grants you access to the quarterly magazine plus daily articles, videos, podcasts and learning exercises.
 
Sign up

Welcome to I by IMD

Install
×

You have 4 of 5 articles left to read.