Is the COVID-19 Cybersecurity Crisis a Perfect Example of How the Industry Benefits From Its Failures?

By Reef Pearson, SecureTeam

Headlines throughout the pandemic have been fixated on panic-evoking cyberattack figures, the security ‘ignorances’ of staff working from home, and the critical shortage of jobs in the Cybersecurity industry.

Yet despite every cyber disaster being the result of a failed prevention, there hasn’t been any noise about the cybersecurity firms that were unsuccessful in protecting these highly publicized organizations from attacks. Instead, the media’s fear-mongering surrounding cybersecurity attacks and disasters has been the catalyst for the industry’s growth. And, raises the question, is the cybersecurity industry only booming because it’s failing?

Who Got The Blame For The COVID-19 Cybersecurity Crisis?

During the COVID-19 crisis, the global shift to home-working quickly became a hot topic in the press, and still is a huge subject of debate because of its worldwide lifestyle impact. Throughout the pandemic, the media did not shy away from raising red flags and frightening figures about employee cyber-attacks and attempts, with reportedly 47% of individuals working from home falling for phishing scams.

From decreased consumer spending prompting credit card hackers to find more inventive ways to create income, to the increased technological vulnerabilities as a result of a rapid switch to remote working – the pandemic did undoubtedly create reasons to panic. That being said, you’ll notice that the media frame a lot of this as the fault of the staff working from home when in actuality these were cybersecurity failures of the companies employing them.

Staff shouldn’t have to be cybersecurity experts, their employers should be taking constant steps to protect their team, either with the consultation of an outside cybersecurity provider or a trained in-house team. And these precautionary cybersecurity measures should have preemptively been in place long before the pandemic hit – cybersecurity should be about attack prevention, not disaster reaction.

But despite all this click-bait reporting, an assessment by Interpol showed that the biggest shift in attack targeting actually moved away from small businesses and individuals and towards governments and major corporations instead. An example being the World Health Organization who reported a 500% increase in cyber attacks at the start of the pandemic in late April 2020.

And it is this increase in high-profile cybersecurity attacks that is impossible to blame on employees and is instead clearly indicative of cybersecurity failures across the world. Because of their high visibility and their crucial place in the economy’s infrastructure, the public and private sector companies that fell victim to attacks and leaks during the pandemic should have  

already had world-class cybersecurity measures in place – yet the pandemic still managed to poke holes in their security systems.

But again, media headlines focused on fearmongering rather than pointing blame to the cybersecurity firms that were appointed to protect the companies and organizations in the first place. Meaning that the cybersecurity industry has reaped massive rewards from its own failures.

How The Cybersecurity Industry is Thriving on Its Failures

Global Google searches for ‘cybersecurity jobs’ are at an all-time high, with the labor market facing a huge talent shortage as a result of the rising demand that has been accelerated by the panic caused throughout the COVID-19 pandemic. A recent study revealed that there are 50% fewer candidates than jobs available in the cyber labor market, with 3.5 million cybersecurity jobs expected to go unfilled this year.

When a disaster occurs, despite what in usual circumstances would be considered ‘bad press,’ the media coverage functions as free fear-based marketing for the industry.

In the simplest terms, businesses reading about the detrimental effects of poor cybersecurity then feel an increased sense of urgency to invest in cybersecurity for their own business – pumping more money into the exact industry whose failures were the reason for their panic.

To put it into perspective, you wouldn’t be in a rush to buy a guard dog if you saw in the news that guard dogs were sleeping through burglaries.

Obviously, it isn’t quite that black and white, and an increase in cyber attacks correlating with an increase in demand for cybersecurity experts to prevent them is no surprise. But it’s the fact that it’s the cycle of failure that is fueling the industry demand, and the industry’s inability to get negative press because the media is so fixated on blaming individuals and organizations, not the cybersecurity firms servicing them.

As the saying goes, ‘all press is good press,’ but in this unique situation, even when the coverage should be ‘bad’, the media seems to unknowingly protect and empower the industry which is why cybersecurity is now more in-demand than ever.

Reef Pearson is the cybersecurity correspondent for SecureTeam, dedicated to informing the public of contemporary cybersecurity issues, how they impact current affairs, and the preventative solutions individuals and businesses can take to avoid becoming a victim of cybercrime. She is particularly passionate about online safety for kids and communicating the essentials of password protection, writing regular informative articles in an attempt to minimize the risk of future cybercrime attacks.

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.