Technology impacted the lives of millions of people with their home day-to-day activities. When the COVID-19 pandemic struck in many countries, there was a need to change both the mode of working with technology as well as to handle internet and online risks exposure. During the pandemic, cybercrime groups utilized the internet usage to commit cybercrimes especially by exploiting vulnerabilities of many applications, networks, and infrastructures. This study aims to explore the impact of COVID-19 on the readiness of organizations to handle cyber threats in two directions: 1) analysis of CVE common vulnerability data before and during the pandemic period and 2) analysis of fuzzy logic data model designed to demonstrate the importance of firms readiness to cope with cyber threats. Results show that due to the significant increase in cyber threats, small firms tend to be more fragile to cyber threats than big ones, and they have to invest more resources to mitigate cyber threats. Findings and implications are discussed.
TopIntroduction
Technology has turned to be part of the modern life. Computers, Mobile devices and the Internet Of Things are used for data processing, performing various tasks and for decision making. The internet revolution enabled people around the globe to seek for information by using search engines, to meet people in virtual world or through virtual forums and to manage their day life by synchronizing many devices together, to share and distribute information. This phenomena, is also found in companies, which use different systems and technologies to manufacture their products, improve the relationships with their customers through various systems and assist with a faster decisions making. One of the most recent example for the usage of technology by individuals and firms is attributed to the Covid-19 pandemic, in which many people and managers had suddenly forced to use communication tools conducted by the internet for various purposes such as: Work Meetings, Education, Discussions and also for social reasons. The internet which had served as a platform that enables such communication had suddenly become a comfort zone for hackers to commit cyber-crime and hack to sensitive data and systems of individuals and firms. Zwilling et al., (2020, P.1) had already shown that “Internet users possess adequate cyber threat awareness but apply only minimal protective measures usually relatively common and simple one”. In another study, Vassileva and Zwilling (2018), showed that new framework for learning is needed to be part of the modern education among students and employees to better implement and understand how to acquire the knowledge to handle cyber hazards. Lately, Buil-Gil et al., (2020) presented preliminary analysis related to the short term effect of Covid-19 on the cyber dependent crime and online fraud in the United Kingdom. The authors showed a dramatic increase in the number of incidents which were ascribed to cyber-crime and fraud especially in domains of social media, shopping email and auctions. The authors mentioned that incidents were attributed mainly to independent individuals who have low awareness to cyber rather than to employee’s organizations,. This finding is attributed with low willingness of individuals to invest in cyber protection tools, as mentioned by Zwilling et al., (2020). One of the reasons for the increase in cyber-crime incidents due to the Covid-19 pandemic is also related to the transferer from physical environments to online environments in many disciplines such as education, shopping habits, medical service and commerce. One of the main challenges in many organizations especially after the Covid-19 pandemic was to guide the CSO’s (Chief Operations Officer) to clarify the guidelines and establish frameworks that will be used to protect the organization’s assets from cyber-attacks.
The Impact of Cyber Hazards on Individuals
The need to be online and consume internet based services, had been increased tremendously in the recent years. The effect of globalization and the utilization of online services had already been mentioned by de Bruijn and Hanssen in 2017 (de Bruijn and Hanssen, 2017). In their work, the authors mention how globalization development as well as the increase of cloud computing consumption influenced the way people use technology and change their work habits for private as well as public needs, where in the same time their exposure to cyber incidents is increased as well. Such a phenomena, was shown by Renaud et al., (2020) recently. The authors showed that the Covid-19 pandemic was used to exploit breaches in cyber security in internet application, information systems especially in social media, shopping and cloud services, in which individual’s identity and private information was stolen by cyber criminals and groups. This evidence is also mentioned by Gatlan (2020). In his study, the author mentioned that during the period of February-March 2020, a total of 623 million data records were breached by cyber criminals. This finding is also cited by Irwin (2020). When evaluating the cyber victims into groups, one can find three categories: A. Nations or Societies, B. Organizations, C. Individuals (Zhu, Huang and Zhang, 2019). According to Xavir and Pati (2012), Individuals are mainly suffer from phishing attempts, malicious software in addition to an attempt to steal or corrupt their private information. One of the reasons for such occurrence is embodied in the lack of awareness and knowledge which affects individuals readiness to install protection tools to delete malware and/or alert them when cyber incident occurs. Zwilling et al., (2020, p.1) had already emphasized the need for training framework for individuals in order to increase their awareness and knowledge to cyber threats and change their behavior accordingly in order to mitigate the existing risks.