News headlines throughout the COVID-19 crisis happen to be centered on frightening cybersecurity statistics, critiques of staff WFH, and panic-inducing discussions from the skills gap in the cybersecurity industry.
Although there have been so many avoidable cyber disasters published within the press, there hasn't been any discussion concerning the security firms that failed to protect the organisations that fell victim towards the attacks.
Rather than finding out how cybersecurity firms failed to provide the service they promised, the media has instead been stuck on fear-mongering businesses about cyber risks – subsequently as being a catalyst for demand for cybersecurity services. So, does this imply the happens to be booming since it is failing?
Who Was Really Accountable for The Pandemic's Cybersecurity Crisis?
The worldwide shift to home-working quickly was a hot topic in the news and stays an enormous subject of debate due to its global effect on lifestyle. The media didn't be put off by raising huge warning flags and scary statistics about employee cyber-attacks and attempts during the pandemic, with reportedly 47% of individuals working at home falling for phishing scams.
Decreased consumer spending prompted credit card hackers to find more creative methods to create income, and also the rapid switch to remote working caused an enormous increase in technological vulnerability – undoubtedly, there is reason to panic. However, the media framed the majority of this 'cyber chaos' to be the responsibility of staff working from home, brought on by ignorances and mistakes, when really they were the cybersecurity failures of the employers.
A workforce shouldn't need to be cybersecurity experts for cyberattacks to become avoided. Instead, employers should be taking continuous steps to safeguard their team, whether that be with the recruitment of the external cybersecurity consultant or perhaps an in-house team. And every one of these preventative measures must have been implemented well before the pandemic came into effect. Cybersecurity best practices should be preventative not reactive.
Yet despite the click-bait reporting we have seen frequenting this news an Interpol assessment exposed that the largest shift in attacks throughout the pandemic actually didn't affect employees, and instead shifted towards targeting major corporations and government agencies rather than small enterprises and individuals. For instance, the planet Health Organization reported a 500% rise in cyber attacks at the beginning of the pandemic.
It is this influx in high-profile, large-scale attacks that is impossible to argue is the fault of any employees and offers proof of cybersecurity failures occurring in the largest of public and private sector companies. Because of their high visibility as well as their crucial devote the economy's infrastructure, the public and private sector companies that fell victim to attacks and leaks during the pandemic should have already had world-class cybersecurity measures in place – the pandemic just showed us how easy it had been to bypass these systems.
Though yet again, much towards the rejoice of cybersecurity firms, the media fixated on fearmongering other businesses rather than focusing on who had been the reason for the failures. And therefore exactly the same cybersecurity firms that failed to prevent these huge disasters were those used to prevent other businesses scared by the news.
How The Industry is Thriving as a Result of Failing
'Cybersecurity job' searches are in an all-time at the top of Google, and the marketplace is facing a huge shortage of talent because of the rising demand accelerated by COVID-19. Research conducted recently revealed that you will find 50% fewer candidates than jobs obtainable in the cyber labour market, with 3.5 million cybersecurity jobs likely to go unfilled this season.
The media's coverage from the 'COVID-19 cybersecurity crisis' basically acted as free organic marketing for that industry, fuelled by fear and panic. To put it simply, businesses reading about the terrifying consequences of bad cybersecurity are pumping more income into services from the exact industry whose failures were the reason for their initial panic.
Of course, it's not quite that easy, and it is unsurprising that an increase in cyber attacks correlates with an increase in interest in cybersecurity experts. However, it's the undiscussed cycled of this process that helps make the industry's wherewithal to take place responsible for their failures so interesting. The negative press never appears to keep to the cybersecurity firms involved, just to the companies that fall victim.