A surprising 51 percent of technology professionals and leaders are highly confident that their cybersecurity teams are ready to detect and respond to rising cybersecurity attacks during COVID-19, according to ISACA. Additionally, 59 percent say their cybersecurity team has the necessary tools and resources at home to perform their job effectively.
This presents a problem, as 58 percent of respondents say threat actors are taking advantage of the pandemic to disrupt organizations, and 92 percent say cyberattacks on individuals are increasing.
Remote work increasing data protection and privacy risk
While 80 percent of organizations shared cyber risk best practices for working at home as shelter in place orders began, 87 percent of respondents still say the rapid transition to remote work has increased data protection and privacy risk.
“Organizations are rapidly and aggressively moving toward new ways of doing business during this time, which is a very positive thing, but it can also lead to making compromises that can leave them vulnerable to threats,” says ISACA CEO David Samuelson.
“A surge in the number of remote workers means there is a greater attack surface. Remote work is critically important right now, so security has to be at the forefront along with employee education.”
More than 3,700 IT audit, risk, governance and cybersecurity professionals from 123 countries have been surveyed in mid-April to assess the impact of COVID-19 on their organizations and their own jobs.
Concerns about the wider impact
Most of these professionals believe their jobs are safe. Ten percent think a job loss is likely and 1 percent has been furloughed. However, while their own positions are stable, respondents are still extremely concerned about these wider impacts of the novel coronavirus:
- Economic impact on my national economy (49 percent)
- Health of family and friends (44 percent)
- Personal health (30 percent)
- Economic impact on my organization (24 percent)
The negative effects
While respondents report being highly satisfied with their organization’s internal communications, business continuity plans and executive leadership related to COVID-19, their organizations have not been able to avoid the negative effects, including:
- Decreased revenues/sales (46 percent)
- Reduced overall productivity (37 percent—more executives than practitioners think this is the case)
- Reduced budgets (32 percent)
- Supply chain problems (22 percent)
- Closed business operations (19 percent)
The majority of respondents expect normal business operations to resume by Q3 2020.
“It’s hard to predict what ‘normal’ will look like in the short term,” said ISACA CTO Simona Rollinson. “What we do know is that tech professionals, including the IT audit, risk, governance and security professionals in our community, are more necessary than ever to their enterprises, and they are well-positioned to adapt and even thrive, regardless of what changes may be in store.”