In March 2020, The Coronavirus Aid, Relief, and Economic Security Act (or CARES Act) allotted $2.2 trillion in direct economic aid to American individuals and organizations negatively impacted by the COVID-19 pandemic. Businesses and local, state, and tribal governments leveraged CARES Act funds over the past year in part to address IT and cybersecurity issues brought by the pandemic. With an extended deadline (December 31, 2021) and a substantial amount of federal dollars still available, organizations may benefit from using some of the $150-billion Coronavirus Relief Fund (CRF) to address cybersecurity challenges while minimizing future security threats.
Cybercrime trends during COVID
The COVID-19 pandemic radically altered technology use, and with those changes came a surge in online criminal activity. According to the FBI, in the early days of the pandemic, cyberattacks increased 400 percent compared to before the crisis. Ransomware attacks skyrocketed. Phishing attacks increased an estimated 40%. Cybercriminals took advantage of confusion and chaos as organizations transitioned - sometimes abruptly - to a remote workforce and distanced learning. In addition, new devices, unsecured networks, unfamiliar software/apps, and extra time online created more opportunities for cybercriminals to attack. IT teams already faced issues with budgets and resources, and the COVID-19 pandemic further strained their ability to address their organization's needs while providing a solid cybersecurity foundation.Federal aid for cybersecurity
The CRF offered flexible aid to allow businesses to address their unique challenges caused by the pandemic. As a result, many companies and state, local, and tribal governments utilized the funds to meet technology-related needs, per federal guidelines. Of particular note, CRF allows coverage of "expenses to facilitate distance learning, including technological improvements, in connection with school closings to enable compliance with COVID–19 precautions." In addition, funds can also be applied to "expenses to improve telework capabilities for public employees to enable compliance with COVID–19 public health precautions." In short, technology upgrades or purchases, including hardware and software, that facilitate a secure remote work/learning environment. With the deadline extended to December 31, 2021, there is still time before the end of the year for organizations to invest in the IT infrastructure needed to support their workforce in the ongoing pandemic and minimize future cyber risk.How LastPass reduces cyber risk
Password security is fundamental to an organization's cyber security strategy. And no matter where employees work, they need access to stay productive. Access to data, access to apps, access to services and accounts. Access to all of the resources that help them do their jobs and do them well. Access requires passwords and authentication protocols. Keeping cybercriminals out while quickly connecting employees means securing and centrally managing access with a business password solution. A business password manager like LastPass standardizes excellent password hygiene across an organization. IT teams can protect every entry point with stronger passwords and extra security protocols like multi-factor authentication. Employees can store, manage and share credentials while eliminating password reuse. As organizations think about navigating a post-COVID workplace, cybersecurity infrastructure is critical to future risk management. Given the role passwords play in facilitating everyday access, secure password management is foundational to an organization's cybersecurity strategy. Using CARES Act funds to invest in business password management by December 31 will help an organization cope with current challenges presented by Covid and lay the groundwork for adapting to future cybersecurity needs, too. Learn more about LastPass Business here.Share this post via:
Subscribe for the latest from LastPass blog
By subscribing, you agree to receive marketing communications regarding industry news and research, educational resources, and LastPass products and services. The processing of your personal data in accordance with the LastPass Privacy Policy. You can unsubscribe from marketing communications at any time.
