National Cybersecurity Awareness Month

October 01, 2020
Businesses have faced many acute challenges in 2020, and cyber threats rank high on that list. The COVID-19 pandemic brought abrupt business interruption and drastic revenue changes for many industries. Worse still, the sudden disruptions also opened new opportunities for cyberattackers, as many businesses rapidly adapted by leveraging technology solutions and shifting to a remote workforce where possible. As digital adoption accelerates concurrently with an increasing threat of cyberattacks and data breaches, businesses should give urgent attention to reviewing and improving their security practices to build resilience.

October ushers in National Cybersecurity Awareness Month during a year that has already seen a precipitous rise in cyber threats. Cybersecurity formed a chief concern for businesses even before the pandemic, with 39% of middle market executives saying cyberattacks and privacy breaches are their primary digital threat, according to BDO's 2020 Digital Transformation Survey. The widespread disruption caused by COVID-19 has further stoked those threats.

The rush to enable remote work and systems access for employees prized connectivity and operational continuity over network security. Many newly remote employees use personal laptops and devices for work but have not received additional cybersecurity training. Remote employees are also more likely to use unsecured or poorly secured Wi-Fi networks, which are an especially vulnerable entry point for threat actors. At the same time, cyberattacks increased in number and sophistication, with malware and phishing attacks specifically using COVID-19 uncertainty to compromise their targets. These ongoing trends combine to create a cybersecurity crisis for many industries.

The proliferation of sophisticated cyber threats reflects the range of malicious actors targeting businesses, including criminal cyberattackers and nation-state-sponsored groups. Insider threats also pose an elevated risk to certain industries that collect, store and process valuable, sensitive data. And industries that operate in a complex cybersecurity and regulatory environment also face higher costs related to a data breach.

Recovering from a cyberattack is often a months-long process that extends well beyond the cyber incident itself, causing a significant drain on internal resources. The total financial impact of business interruption can be much more significant than the costs related directly to the attack. Reputational harm from a cyber incident is also a key consideration, particularly for industries that rely more heavily on the trust of consumers, clients and partners.  

The cumulative costs of a cyberattack or breach can vastly outweigh the costs of instituting robust cybersecurity practices, but achieving those practices also requires around-the-clock monitoring,
comprehensive detection tools and rapid response measures, as well as routine testing and periodic improvements. Threat actors continually adapt their techniques as companies improve cybersecurity defenses, all too often staying several steps ahead of security professionals and mitigation measures.

Although the growing complexity of IT environments presents organizations with an uphill battle, there are clear best practices that can strengthen cybersecurity—particularly by using managed detection and response services—and increase resilience, which are more important to implement and maintain now than ever before.

To highlight the critical importance of National Cybersecurity Awareness Month, BDO is offering additional resources to help middle market businesses understand existing and emerging threats and bolster their security practices accordingly. For more information, visit BDO’s 2020 Cybersecurity Awareness Month Resource Center.