News

Kogod Professor Heng Xu Talks Cybersecurity in the Time of COVID-19

Written by Anna Morcerf | September 30, 2020

With so many people working from home, government agencies, corporations, small businesses, and nonprofits alike are reconsidering how to keep both their data and employees safe from cybersecurity threats. How is the pandemic changing the threat landscape, what can businesses do to protect themselves, and how can we safeguard our personal information?

For our first installment of the Kogod Faculty on COVID webinar series, we interviewed Heng Xu, professor and director of the Kogod Cybersecurity Governance Center, to learn more about how the pandemic is changing cybersecurity research and what new threats are arising out of our current, more virtual landscape. From medical appointments to home buying, much of our sensitive information has moved to multiple, potentially unsecure platforms.

At the core of these threats is privacy.

For example, contact tracing is critical to containing COVID-19. But where does the boundary between privacy and public safety lie? “Tracing people’s movements, behaviors… how long can we keep that data and to what kind of stakeholders can we share that data?” asks Xu. “Once you collect that data, it is impossible to delete that from cyberspace.

“There is an old saying that there is no 100 percent chance of security,” she adds.  

COVID-19 has also facilitated a remote work culture that’s challenging businesses to consider how to build data boundaries that were once contained by corporate buildings and office suites. Companies now have to think about how to create this separation in employees’ homes and on their virtual devices. Requiring remote employees to use a virtual private network (VPN) is one method to wall off sensitive data. 

While privacy has increasingly taken a back seat to convenience, the pandemic has only accelerated the trend. Conversations that traditionally take place in a secure physical space are now happening in cyberspace—for example, virtual visits with physicians. During the “visit,” patient and doctor discuss federally-protected information like medical conditions and pharmaceutical prescriptions. But how can physicians be sure that their conversations with patients and medical records are secure? And, adds Xu, “What will they do with the data after the pandemic?”

Whether or not businesses will continue to offer their services online post-COVID remains a toss-up. “This is a real field experiment of testing the effectiveness of digitization to different industry sectors,” says Xu. 

Given the initial investment to rapidly convert services to an online environment, Xu remarks that this move may be a game-changer going forward. However, because the “field experiment” is ongoing, there is no clear picture of how far this online service revolution will progress and how sustainable it is.

Watch Heng’s full interview, and check out the full Kogod on COVID playlist, where our expert faculty discuss how the pandemic is affecting women business owners, global sustainability, and more.