Security Professionals Say COVID-19 Crisis Increased Cyber Threat to Enterprise Systems

A survey of some of the top IT security professionals who participated in the annual Black Hat USA conference underlined a key concern, with companies overwhelmingly believing that the COVID-19 pandemic increases cyberthreats. 

It will be some time until companies can quantify the effects of the COVID-19 pandemic on their businesses. Until then, IT security professionals say security risks are increasing, and cyber threats related to the new work-from-home ethos are the most significant worry. 

In the Black Hat USA 2020 survey, 94% of responding security pros believe enterprise systems and data are at risk, and 24% view this threat as imminent. Of course, home workers are seen as the primary concern (57%), with phishing and social engineering ranking as the biggest problem (51%.) 

“The survey results suggest that the world’s top cybersecurity professionals are more concerned than ever about cybersecurity risk at the global, national, enterprise, and consumer levels,” states the survey. “While cyber threats have been growing in volume and sophistication in recent years, most security professionals believe that the radical shift toward remote access is creating unprecedented risk for sensitive data.” 

Only 15% of security professionals believe the situation will return to the pre-COVID-19 status quo. 84%, say major changes will happen across all industries. 

In fact, the numbers are not at all encouraging, as 70% of IT professionals think they will have to deal with a major cyberattack in their organization in the next year. Most of them say that they don’t have the staff or the budget to deal with incoming threats. 

Making matters worse, the people who will eventually have to deal with cyberattacks in companies are the same ones who say that consider themselves “burned out” (38%), which is an increase from 30% in 2019. Coupled with staff shortages, it’s easy to see why security professionals anticipate a more challenging year in cybersecurity.