Cybersecurity: Bitcoin, fake news and COVID-fatigue

Insights shared from Brands2Life’s webinar ‘Cybersecurity and the coronavirus: how the landscape’s changed & how brands should respond’, which is part of the Brands Transforming Our World summer webinar series.

With 2020 presenting us with a threat landscape no one could have possibly predicted, we hosted an online panel comprising experienced journalists, senior comms pros and a CISO, to debate the impact of the Coronavirus on security. Here’s what we learnt about cash-focused crime, why data regulation must evolve for homeworking, and what comms professionals need to know as the remainder of this unpredictable year unfolds.

To watch the full webinar, click the button below or click here

Data regulation will need to respond to new types of breaches

Most employees have now experienced first-hand the profound difference in home working versus offices. Where historically security services are delivered via hub and spoke model, visibility has become a huge challenge for organisations now, and as a result, no one really understands the regulatory landscape under these circumstances. The General Data Protection Regulation states organisations have 72 hours to respond to a breach. But companies have never planned a table-top exercise for responding to exploitation when 95% of staff are working from home. In the coming months, we’re bound to read about hacks and breaches that haven’t yet been identified, Zoom call recordings that fell into the wrong hands, staging servers that weren’t protected and have seen data stolen… The question remains, if these have happened as a result of home working, how will the ICO respond, and importantly, what levies will be placed on companies as a result?

Reporting on misinformation campaigns must be clear

The evolution and spread of misinformation online against the backdrop of both a global pandemic and the impending US political election has been interesting to witness. How both governments and media communicate responsibly on the origins of campaigns needs careful consideration – especially for those which are sophisticated and malicious in nature. Media are still learning how to share insights in a helpful way for audiences. Key for 2020 will be contextualising stories responsibly and explaining the ramifications of such activity clearly.

Hackers are set to swat up on homeworking  

As swathes of companies switched to a homeworking model for the majority of staff, a new playground for cybercriminals emerged. But hackers haven’t flocked there. Yet. No huge stories on remote working practices gone drastically wrong have emerged, but give it time. Hackers have been examining research and technologies that support VPNs and remote desktop protocol access, so expect attacks on these to become harder and more widespread. In the next six months, homeworking is predicted to be aggressively targeted as cybercriminals evolve their tools and mechanisms for attack to meet this new working landscape.

Yes, the media has hit a COVID-fatigue wall

As predicted, media are beginning to tire of the current COVID-19 dominated news cycle. In the last month, stories that had been parked since the start of 2020 are beginning to be explored again. But don’t expect a rapid shift in pace. Yes, a level of COVID-fatigue exists, but there is a continued need to cover the crisis as it evolves, so expect to simply see a shift in tone and language. The ‘new normal’ is now just normal. Homeworking is now just normal too. Stories that keep identifying these as ‘issues’ won’t get cut through. It’s simply become how we live, work and play now.

Cash-focused cybercrime does have a ceiling

Spare a thought for the cybercriminals. Many believed cybercrime was infinitely scalable, but apparently not, at least by one important measure. Cryptocurrency analysis has shown that the flow of Bitcoin – the currency of choice for most ransomware and cyber extortion schemes – has dramatically fallen over the last few months of lockdown. Coronavirus has effectively hamstrung areas of cybercrime in precisely the same way as traditional industries.

One point to finish on, that’s not a learning per se, but did feature heavily in our discussion, was the importance for C-level executives to communicate transparently with internal and external audiences. Scenario planning and accounting for how processes in the event of an incident must work – across different time-zones – is imperative for successful reputation management of B2B and B2C brands. Social and sales teams will also play a key role in stemming the tide of negative sentiment online and reassuring customers in good time. From a journalistic perspective, transparency is key. Organisations must avoid picking battles with the press, be sure to communicate clearly – especially around any time delays in statements – and avoid being defensive in communications.

If you would like to carry on the conversation or need help with a comms challenge please get in touch.