Businesses should take proactive measures to ramp up their cybersecurity ahead of the holiday season, the most challenging peak period for cybercrimes, cautions a report by McAfee Enterprise and FireEye.

The report titled ‘Cybercrime in a Pandemic World: The Impact of Covid-19’, states that 77 percent of organisations in India experienced downtime due to cybersecurity risk amid the festive season in the last 18 months, with at least 81 percent of global organisations experiencing cyber threats during Covid-19.

The study — conducted by market research specialist MSI-ACI — interviewed 1,451 IT and line-of-business decision-makers across India, the US, UK, Australia, France, Germany, Singapore, South Africa, and UAE.

According to IT professionals in India, holidays have been the most challenging peak periods for cybercrimes. Almost 52 percent of professionals flagged festive holidays such as Diwali, Ramadan, and Christmas as the peak period for cyber threats, 32 percent listed bank holidays, and 12 percent pointed out summer vacations of schools and colleges, as the peak period for cyber threats,

During these peak periods, 91 percent IT professionals found maintaining a fully staffed security team even more challenging under the hybrid work model. Further, 59 percent expected half or more of their colleagues to work remotely in some capacity.

In terms of cyber risks, the top three cyberattacks were— malware attacks (47 percent), data breaches (43 percent), and ransomware and cloud jacking (33 percent each); over 30 per cent of the IT professionals experienced vulnerabilities in their ‘Internet of things’ devices.

“It is imperative that all businesses of scale evaluate and prioritise security technology to keep them protected, especially during peak seasons like the holidays,” said Bryan Palma, CEO of the newly combined company, in a public statement.

Interestingly, organisations have invested in cloud security (82 percent), advanced threat protection (66 percent), security operations centre (54 percent), mobile security (48 per cent), and endpoint security (48 percent). For additional security, 69 percent of the organisations are implementing new software solutions, 68 percent are strengthening internal IT-related communications, 62 percent are increasing their software updates, and 61 percent are offering employee training programs.

The report alleges that despite a sharp increase in cyber attacks, the majority of firms are not well prepared. “Traditional approaches are no longer enough — 94 percent want their organisation to improve its overall cyber readiness, and businesses need an integrated security architecture and an always-on approach to prevent, protect and react to the threats of today,” noted Palma.

“The problem is exacerbated with employees using the same devices for personal and office work, exposing critical networks and, thus, to stay ahead of criminals, organisations need to ramp up their cybersecurity readiness,” said Venkat Krishnapur, vice-president of engineering and managing director at McAfee Enterprise, India.

“However, there are ways for organisations to be proactive against cybercrime, such as implementing security measures, providing cybersecurity awareness training for employees, and developing prevention and response plans,” the report said.

Meanwhile, 99 percent of the IT professionals indicated that their organisation could place more emphasis on its overall cyber readiness; 53 percent emphasised the importance of employee training to prevent cybersecurity issues.