Information security is a nonstop race between you and cybercriminals—and COVID-19 means more challenges for your organization and more opportunities for attackers. We spoke with cybersecurity experts about the challenges a newly remote workforce creates for organizations, how to respond to a cyberthreat, and how the threats themselves are changing.

The ongoing COVID-19 pandemic makes it more difficult to respond to a threat in progress. Being proactive is crucial, and the best time to update your strategy to reflect a shelter-in-place workforce is the same for every business, large or small: yesterday. yuuguu

What's at stake?

Breaches come in different sizes and scales. Ransomware can keep you from resources and data, but the game plan is very different depending on what's compromised—and what that infected point has touched. The solution to a workstation encrypted by a ransomware attack can be straightforward: rebuild the machine, which means downtime but not much else. However, if a data center or critical servers are compromised, the results could be catastrophic. For many companies, the potential loss is so great that sending hundreds of thousands of dollars in cryptocurrency to cybercriminals makes sense—even when paying the ransom is just the start of your headache.

"Even if you can find a way to pay, can afford to pay, and have a trustworthy enough criminal ... it still doesn't mean you're going to survive the attack," says Drew Simonis, deputy chief information security officer at HPE. Even if you pay a ransom, repairing the damage from a ransomware attack with security keys provided by a criminal can still mean months of downtime. How much lost productivity can your organization survive? "For a large company, it may be sustainable," says Simonis. "For a small company? That could put them out of business."