As organizations adapt and respond to the impact of COVID-19, significant new challenges are on the rise as a majority of the workforce has shifted to remote work arrangements. Employee-owned devices and home networks that were not formerly protected by enterprise security controls have rapidly expanded many organizations’ attack surfaces. At the same time, adversaries are taking advantage of the public health crisis by creating new phishing campaigns to deliver damaging ransomware, malware or extortion schemes.