The pandemic sweeping the planet has only further revealed the vulnerabilities all of us face at the hands of cybercriminals. The FBI has claimed nearly 4,000 reported cyberattacks a day, a 400 percent increase compared to pre-pandemic levels, resulting in $4.2B in losses. To make matters worse, experts predict these attacks will only continue beyond the end of the pandemic and will get more sophisticated as well.
As of this writing, one of the largest health care providers in San Diego County is the victim of a cyberattack that brought the system to its knees. For more than a week now, their integrated network of systems have been offline. From cancelled appointments to difficulty getting prescriptions refilled to delayed surgeries, it’s but a snapshot of how entwined our lives have become with technology. It’s also a stark reminder that we can and must do more to protect our vulnerable systems from these cyber criminals.
If a $3B non-profit healthcare system can be brought down this easily, what hope do smaller businesses have in preventing the same thing from happening to them? As it turns out, quite a bit of hope. But it takes a little planning and the will to put both policies and technology in place. Both can take money that smaller entities may not have to spare. That’s how the CARES Act can help.
How the Pandemic Impacted Cybersecurity
Virtually no business has been unscathed by the pandemic. While the service industry was hit hard by closures, mask mandates, and more, other businesses found themselves with a massive remote workforce almost overnight. A report from Netwrix summarized responses from 937 IT professionals about recent cyberthreats, including:
- 85% of CISOs said that they had sacrificed cybersecurity to quickly enable remote work
- 48% of organizations reported at least one phishing attack during the first three months of the pandemic
- 63% reported an increase in cyberattacks during the pandemic
- 60% found new security gaps as a result of the transition to remote work
- 54% of CISOs said that they lacked the visibility needed to ensure proper data protection
What is the CARES Act?
The CARES Act is a $2.2 trillion stimulus bill passed by Congress in March 2020, which allows governments to access funds for security improvements. State, local, and tribal governments received more than $150 billion of this stimulus money to help entities in their jurisdictions respond to impacts of the pandemic. The CARES Act allows these funds to be used for technology enhancements to support remote work and distance learning among others.
The federal government provides broad guidelines for how funding can be used for technology-related projects, including:
- Endpoint Security. Endpoint management solutions to improve compliance and minimize vulnerabilities
- Remote Workforce. Devices, broadband, hotspots, webcams, and other tools that assist remote staff with remaining productive and students with distance learning.
- Security Patches. Methods that automate and improve patch management for both company-side and personal devices
- Cost Optimization. Solutions that unify endpoint management, manage assets, and rein in spending.
What Should You Consider?
Protecting your data should be one of your top concerns with unprecedented levels of cyberattacks. So what should that investment focus on? While much depends on what you already have in place, the experts have some ideas to consider:
- Identity Defined Security Alliance says that your approach should start with identity. “Regardless of what device they are using or what service they are consuming, identity follows employees everywhere. To threat actors, those identities are worth their weight in gold. They can be used to access sensitive applications, move laterally throughout a compromised network, access sensitive applications and systems, and ultimately exfiltrate data. Investigate enterprise data breaches, and stolen credentials will often be at the center. Protecting identities and effectively managing access, therefore, must be at the center of security.”
- Forbes suggests multi-factor authentication (MFA). “Two-factor (2FA) or multi factor biometric authentication (MFA), both of which protect against device theft and compromised passwords by offering an additional layer of security.”
- InfoSecurity Magazine also recommends robust MFA. “Many apps and devices now offer multi-factor authentication (MFA), which remote workers should take advantage of. Despite these increased responsibilities for remote working employees, it’s up to employers to give remote workers the resources and tools they require to fulfill those responsibilities.”
How Much Funding is Still Available
The CARES Act may have passed more than a year ago, but a secondary bill, passed late last year, has extended the date by which the funds may be requested and spent. According to the Center for Digital Government, more than $26 billion still remains to be granted across 48 states.
Try ImageWare Authenticate Today for Free
Protect your workforce data with a strong biometric user authentication system that provides true user assurance across your enterprise applications and seamless customer experience while keeping access management centralized.
With ImageWare Authenticate 30 day free trial see how easy it is to secure your remote workforce with biometric authentication.