The COVID-19 pandemic has unleashed an array of cyberattacks that threaten the health of our virtual systems, including but not exclusive to those in healthcare, banking and government agencies. Cyber criminals are capitalizing on widespread weaknesses with attack vectors in the form of spam, phishing scams, ransomware and malicious URLs. As the number of infected persons soars, so does the number of cyberattacks, but despite the short-term effects of combating threat actors, in the long term, the world will emerge more secure and better prepared, armed with lessons learned from strategies implemented and tested during the pandemic.

Malicious actors target victims through various tactics and ploys

Hot zones of cyber vulnerability have typically been localized or within a specific organization. While such attacks have disastrous ramifications in their own right, never before has the number of threat vectors been so far-reaching. As the COVID-19 pandemic forces the majority of the global workforce to stay home, employees have had to create makeshift ways of working while longer-term solutions are devised. The surge in the number of individuals working remotely and the strain that places on existing infrastructures is an underlying cause for a large majority of these attacks.

Many corporations and individuals are turning to user-friendly and feature-forward solutions. In particular, Zoom has seen a rampant surge in daily users, from 10 million in December to 200 million in March, as what was once meant for use by businesses is now also being used for daily work life and personal communication. Unfortunately, the company did not have the adequate levels of security infrastructure to support this surge, resulting in self-proclaimed “Zoombombers” infiltrating private corporate meetings, Alcoholics Anonymous meetings, online learning environments and more. The company was quick to issue a statement and plan to address these issues, with Zoom CEO Eric Yuan stating in a blog post, “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home.” Yuan added that over the next 90 days the company will “[enact] a feature freeze … shifting all of our engineering resources to focus on our bigger trust, safety and privacy issues” and release a transparency report, similar to reports shared by tech giants such as Facebook, Google and Twitter.

In addition to hacking into and taking command of private meetings, threat actors are masquerading as legitimate organizations with the intention of collecting highly personal information, such as a COVID-19 safety portal allegedly from the World Health Organization and a fake disease prevention waitlist portal. Additionally, a Venmo-like interface was recently discovered in the form of an emergency fund to generate relief dollars for those in need, and the Better Business Bureau has received numerous reports of individuals acting as U.S. Department of Health and Human Services and other government department employees, instructing text message recipients to click on a link for a so-called mandatory online COVID-19 test.

Who is working from home? Do they have everything they need? Can they stay connected? Are they OK? Companies around the world have been struggling to answer those questions in recent weeks as the COVID-19 virus became a global pandemic and suddenly forced many workers, and their employers, to adjust to remote working. As human resource policies, security concerns, connectivity and productivity have all been challenged, PwC U.S. rolled out a solution to answer the most basic and pressing question: “Are you able to work today?” With a simple interface, a quick and anonymous process, and with security and privacy baked in, PwC’s solution helps clients quickly determine what percentage of their workforce is enabled to work effectively and what percentage has issues with technology, mobility, supplies or well-being. If widely adopted, the solution should pave the way for a second PwC product: an application designed to help track and trace employees in the event of someone contracting COVID-19. In TBR’s view, these paired solutions demonstrate a concrete and immediate response — from idea to launch in five weeks — to some of the issues facing global companies during the pandemic and should set PwC’s clients up to better understand and manage remote working productivity in a post-COVID-19 world. 

First: Confirm status

Every company needs to know whether its workforce can be productive on any given day — an issue that hardly seemed critical or hard to measure at the start of 2020. Now, getting a daily picture of potential productivity has become an ongoing challenge for many companies navigating COVID-19, raising questions around what percentage of the workforce can be expected to be productive. On April 1 PwC launched a solution, Status Connect, to address that challenge while still conforming to privacy and security standards. At its core, the solution allows administrative professionals within an organization to know what percentage of the workforce in any specific geography and/or business group has an issue preventing them from working effectively. With that information, particularly as daily responses turn into trends, a company can deploy additional resources where needed, forecast potential slowdowns, and gain insights into what kinds of underlying problems hold back the company’s overall productivity.

Initially the solution offered employees only two choices, technology and other, in essence to gauge what is challenging their ability to work effectively, but PwC has already expanded the choices to technology, mobility/travel, business supply and well-being. PwC leaders noted that some clients already adopting the solution anticipated needing a more complex set of options to gain meaningful insights, until PwC explained the richness of data insights available across a large population based on a simple user experience. As the firm continues developing Status Connect, it is adding gamification to enhance the sense of community and drive adoption and commitment to using the solution every day, as well as daily custom broadcast messages and company customizations. Notably, the firm has implemented the solution across some parts of the U.S. member firm, but not yet globally.

As TBR has previously noted: “With risk permeating every business conversation and PwC accelerating investments in digital-related offerings, including PwC Connected Solutions, which sits within its Risk and Regulatory Platform business, the firm has prepared for the next wave of opportunities. Trading on trust remains at the core, especially as the politics of data continue to disrupt PwC and its clients. Becoming customer zero keeps PwC consistent with peers, while pulling in risk differentiates, particularly against non-Big Four competitors. But the firm creates a good use case for embracing digital when it comes to managing risk.” PwC is not immune to COVID-19 and all of the workforce management implications that come with it. Adopting the solution internally is certainly the proper next step as the firm strives to protect its spot in the market as the shift to digital operations elevates the strategic importance of risk and compliance functions.

It takes a village, but a distant one

For years, IT services vendors — and now increasingly consultancies — have been building business models around supporting enterprises’ IT and business processes, largely by leveraging the human arbitrage model and price-competitive offshore centers. While in recent years many vendors have begun to build on-site and/or nearshore facilities offering higher-value services, COVID-19 is now challenging these vendors to shift to remote support. For vendors that largely rely on using offshore hubs in locations such as India and the Philippines, the struggles will be even greater as these countries typically lack well-established infrastructure, iNet connectivity and electricity. But even vendors that rely on a high-touch consulting model and house the majority of their workforce in more developed countries with reliable infrastructure could be pressured in the short term due to an absence of personalization and face-to-face interaction. In addition to these hurdles, all vendors face the challenge of skill shortages, particularly in emerging areas such as AI, blockchain and data science, further hindering vendors’ ability to deliver on their DT programs’ promises.

According to TBR’s December 2019 Digital Transformation Insights Report: Voice of the Customer, improving HR operations, employee efficiency and effectiveness ranked in the middle (No. 5 out of 10) as a DT objective among surveyed enterprise buyers, not only currently but also within the next two years. We believe, however, that COVID-19 will likely force buyers to reorder their DT objective priorities and place HR transformation at the forefront. Vendors that are able to weather the storm by successfully navigating their own internal HR transformation, addressing remote working challenges and executing on business continuity plans with minimal disruption will likely emerge as the winners when the COVID-19 crisis abates.

The two largest opportunities within HR transformation will be centered on: 1) change management, which is typically a consulting discussion, especially for buyers that have yet to embrace the remote working culture; and 2) digital workplace solutions, as the need for implementation and management of platforms like Zoom (Nasdaq: ZM) and Microsoft Teams (Nasdaq: MSFT) at the enterprise level is already positively impacting vendors’ top line.

While digital transformation (DT) began to permeate both the lexicon and the minds of enterprise buyers and third-party providers about five years ago, the current global pandemic has brought a dose of sobering reality, raising questions around not simply when to embrace DT programs but also which processes are most critical to weather the storm. We see employee management, aka HR operations, and cybersecurity as two areas enterprise buyers will race to invest in as the COVID-19 outbreak disrupts operational cadences and highlights security risks associated with remote working. Supplying those services will not be enough; IT services vendors and consultancies must bring their clients reliable scale, making partnering even more critical for digital transformation. 

The devices business is sensitive to how and where people work, communicate and play

The COVID-19 crisis is changing how and where people work and how they spend their free time, all of which directly affects the PC business, adjacent devices and services businesses, in addition to networks, data centers and cloud businesses. Many of these changes are opportunities for device vendors, but the global recession, and buyers’ conservatism in the face of uncertainty, will negatively impact vendors until a recovery is underway. The novel coronavirus illness and consequent control measures are influencing the supply and delivery chains as well as sales and servicing processes. Even after recovery from both the pandemic and the recession, some of the changes in working patterns are likely to be permanent as institutions and people find benefits in remote work, accelerating and institutionalizing a growing trend. Similarly, the movement toward using technology to improve health and healthcare is being greatly accelerated by the crisis.

The global crisis has many moving parts, all affecting devices and how they are used

There are several different components to the changes brought about by the COVID-19 pandemic.

• The illness itself is changing the lives of many people and directly affecting the global workforce as people become ill and others are caring for them.
• The measures taken to slow the spread of the disease are drastically reducing economic activity, and devices sales are closely tied to economic activity.
• Most importantly for the devices business, many more people are working remotely and many are relying more heavily on home-based communication and entertainment.
• The implosion of the travel and hospitality businesses, as well as other personal services and retail businesses, is causing a rapid decrease in global economic activity, exacerbated by the downstream consequences of direct impacts to business.
• It is possible that the virus and its mutations will impose a long-lasting threat, resulting in long-term changes to patterns of living and working.
• Some of the changes brought about by the pandemic are accelerations of existing trends, such as working remotely, adoption of cloud-based solutions, and telemedicine; as such, these will remain in place after the crisis subsides.
• The severity and the duration of the current crisis is indeterminate, undoubtedly leading to long-term consequences.
• It is likely that as some geographic areas recover, other areas, especially rural areas, will experience new pandemic-based limitations on social interaction.