This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

At the beginning of the COVID-19 pandemic, businesses scrambled to rapidly deploy a remote workforce which created new challenges for businesses and financial institutions to continue operating and providing critical services. It also created an opportunity for malicious actors to hack into and gain access to IT systems and sensitive, personal information.

New research from VMware reveals a significant increase in cyberattacks experienced by financial institutions and banks between February and April of this year. VMware data indicates that close to a third of all cyberattacks target either banks or the healthcare sector. While some states are rescinding their stay at home orders, some companies are still erring on the side of caution by continuing to work remotely or have made the decision to work remotely indefinitely such as Twitter. As a result of the uncertain future of COVID-19, a lot of businesses will continue to work remotely and those that collect and manage financial information, including processing of payment card information, will need to assess any cybersecurity vulnerabilities, implement safeguards to protect financial information and educate and train its workforce. In response to COVID-19, many U.S. federal and state governmental agencies have issued helpful guidance for businesses to help prevent and mitigate cybersecurity incidents.