Among the myriad challenges faced by businesses arising out of the global COVID-19 pandemic is the amplification of cybersecurity vulnerabilities and resulting increased risk of data breach and malware incidents. Throughout the world, employees are working from home via remote access technology and on personal devices, giving rise to unprecedented and likely unanticipated cybersecurity risks. Compounding this effect, malicious actors are out in force, preying upon the system and human insecurities created by the current COVID-19 climate. Not surprisingly, cybersecurity experts are warning of a new wave of cyberattacks aimed precisely at the working-from-home population. Not even the World Health Organization is safe: just yesterday its Chief Information Security Officer confirmed that cyberattacks against it have doubled and, most recently, elite hackers connected to cyber-espionage operations tried to break its cyber-defenses.
In this article, we explore the new cybersecurity challenges and vulnerabilities businesses face as a result of the pandemic, consider the current situation in the context of the existing regulatory regime and potential private litigation exposure, and offer some practical advice to businesses and their employees related to remote work in this new business reality.