Posted-on April 2021
The arrival of COVID-19 shocked the cyber landscape, providing a golden age of opportunity for cyber attackers. Over the past year, there has been a demonstrated increase in COVID-related cyber threats and high-profile data breaches.
This surge in cyber threats and web of disruptions that COVID-19 has brought to the cyber landscape has meant that over the past year, demand for cybersecurity specialists grown. In fact, ITJobsWatch statistics reveal that cybersecurity roles have jumped 10 places in the rankings of the UK's most in demand tech jobs over the past 6 months alone, now making up 4.39% of all permanent jobs advertised in the UK.
Here we explore how COVID-19 has transformed the cyber landscape, featuring insights from our Head of DACH Alex Candeland and Principal Consultant Oliver Thomas regarding the boom in demand for specific cybersecurity roles over the past year.
How COVID Has Transformed the Cyber Landscape
You may have noticed an increase in unsolicited COVID-related emails and messages over the past year or so for yourself. From spam emails claiming to be from HMRC to SMS phishing scams claiming to give job retention scheme opportunities or refunds, COVID-19 has provided cyber attackers with a whole new batch of content to aid them in their quest to exploit victim’s vulnerabilities, networks, and personal data.
So, when did it all start? During the first wave of the pandemic, Datto’s Chief Information Security Officer noted that although there were not more cyber-attacks, attackers did change their tactics. Speaking to ContinuityCentral.com, he notes that “while there may not have been a net increase in the overall number of threats or threat actors, there is a significant rise in the percentage of malware campaigns employing COVID-19 related attack vectors”. In fact, “around 80 percent of all malicious campaigns are now leveraging a COVID-19 angle.” COVID-19 has become the malicious content.
From phishing emails featuring malicious links, to the rise of rip-off mobile apps claiming to give the latest advice and information about the pandemic, cyber attackers—in routine style—are preying on victim’s latest vulnerabilities. In this case, one of the main vulnerabilities is our search for up-to-date information as well as tips and tricks on how to protect ourselves from COVID-19.
And this did not stop as the year, and the pandemic, progressed. By the end of 2020, the National Cyber Security Centre’s annual review reported that a record number of cybersecurity incidents had occurred between September 2019 and August 2020: a quarter of which were related to COVID-19.
The Relation of Remote Working and Cyber Attacks
Another aspect which continues to contribute to the rise of COVID-related cyber-attacks is the upsurge in remote working. With employees using their own networks, and in many cases, their own devices to log into their workplace networks, cyber attackers are given another window of opportunity.
Weeks notes that home networks are a whopping “3.5 times more likely than corporate networks to contain at least one malware family, with some malicious software 20 times more frequently present on home networks.” It brings a whole new side to the discussion of how we mix our work and personal lives to light.
Cybersecurity Job Postings on The Rise
As with many other sectors, COVID has forced businesses across the globe to pause, revaluate, and streamline every aspect of their business. This goes for securing their core infrastructure too.
From ensuring employees are working on trusted devices, to assessing the state of cloud services and strategies, VPNs and firewalls, Weeks notes that now is the time for businesses “to revisit the most fundamental security basics” and “identify any new security weaknesses that may have opened up with the shift to remote working.”
This has meant that cybersecurity professionals are in higher demand than ever before.
Speaking to Oliver Thomas, one of our principal consultants at CyberStream about the boom in cybersecurity roles over the past year, he notes:
“The most noticeable thing would be that companies have invested much more into Cloud Security versus more traditional on-premises solutions.
This is largely due to many workforces becoming almost entirely remote, and in line with this, companies need solutions that are much easier to scale.
Plus, it is a good way for companies to secure their data in a cheaper, more manageable way, which is a positive strategy move in such difficult times”.
Our Head of CyberStream across the DACH regions Alex Candeland also notes a shift.
“We are seeing more demand for security-by-design and product-led security roles due to the complete shift to online-based commerce. We have had multiple clients looking to bring in experts to help them move from ‘bricks and mortar’ to digital.
With this comes the need for security to be designed and developed from day 1, into new digital product lines.
This could be software security, new security governance frameworks, and security-by-design.”
From MedTech to EdTech, and gaming to ecommerce, the pandemic has transformed basically every sector across the globe. Cybersecurity specialists are needed now more than ever to ensure the new tools, technologies and approaches that were implemented during COVID-19 continue to function securely and efficiently, as well as adapt and evolve for a post-COVID world.
Are you looking for your next cybersecurity challenge? Contact our team to discuss our latest permanent and contract roles across the globe.