As companies extend commitments to remote workforces, cybersecurity teams need to address new risks while helping create business value in the next normal. The digital response to the COVID-19 crisis has also created new security vulnerabilities. Attackers seek to exploit the gaps opened when telecommuting employees use insecure devices and networks. Threat actors also use known attack techniques to exploit people’s COVID-19-related fears.
Key findings include:
- 76% of office workers surveyed say working from home during COVID-19 has blurred the lines between their personal and professional lives.
- 27% of office workers surveyed say they know they are not meant to share work devices but felt they ‘had no choice’ – yet 85% of ITDMs worry such behavior increases their company’s risk of a security breach.
- Half of office workers say they now see their work devices as a personal device, while 84% of ITDMs worry such behavior increases their company’s risk of a security breach.
- Over the past year: 54% of ITDMs saw an increase in phishing; 56% an increase in web browser related infections; 44% saw compromised devices being used to infect the wider business; while 45% saw an increase in compromised printers being used as an attack point.
Chief information security officers (CISOs) and cybersecurity teams will need to approach the next horizon of business with a dual mindset. They must first address the new risks arising from the shift to a remote digital working environment, securing the required technology. They will also need to anticipate the next normal – how their workforce, customers, supply chain, channel partners, and sector peers will work together – so that they may appropriately engage and embed security by design. The new context of changing customer and employee behavior and a constantly shifting threat landscape must also be considered.
Secure The Workforce in New Ways of Working
As cybersecurity leaders are increasingly getting a handle on the first stage of the pandemic, CISOs are now shifting to anticipating how the business environment will be affected by new conditions. They are adapting to incorporate these expectations of the next normal into both current cybersecurity activities and long-term cyber-risk strategies. Organizations could emphasize the following cybersecurity initiatives:
- Dynamic Security
Static, network-based security perimeters will no longer be sufficient. The security dynamic among users, assets, and resources must be the new focus. Define identity as a perimeter with scaled-up capabilities in identity and access management, privileged-access management, multifactor authentication (based on devices or biometrics), key management, and heuristics based on log-on behavior. For assets, consider a strategy using a software-defined perimeter and enhanced network segmentation (using logical micro-segmentation through next-generation firewalls). Protect end-point assets and utilize real-time anomaly detection with end-point-detection and -response systems. Protect data assets through enhanced block-mode data-loss-prevention tools and utilize a model of preapproved sites as a default for external access.
- Cloud-Based Tools and Infrastructure
The need for greater agility and flexibility will accelerate the use of the cloud. Restrict localized data storage for the remote workforce and transform end-user infrastructure through increased adoption of virtual desktop and desktop as a service. Support the increasing shift to a multi-cloud environment and cloud-based services through access controls at points where policy is decided and enforced; implement a cloud-access-security broker.
- ‘Contact Aware’ Workforce Privacy
Heightened security will require new agreements with employees. Factor in the implications of workforce privacy and employee consent to introduce contact-aware tools, such as contact tracing and temperature taking, in the workplace.
- People Defense
Companies will need to extend their operational defenses as working from home becomes standard. Roll out insider-threat-detection programs and explicit policies for a safe remote workplace. These could include restricted remote printing and prohibited sharing of company devices with family members. In addition, companies could consider helping employees manage stress levels, offering support in the current circumstances. Protecting employees is not just a leadership imperative: it will also reduce vulnerabilities created by worker anxiety.
- Remote Cybersecurity Operating Modeland Talent Strategy
The new ways of working will have implications across the enterprise. Rethink the cybersecurity operating model and continuity plans for physical-location-constrained operations, including automation opportunities. De-risk by design and further embed in application-development processes the principles and capabilities of DevSecOps – the linkage among development, security, and operations. Use the imperative of remote working as an opportunity to gain access to a broader pool of cybersecurity talent where there is an existing gap in local talent pools.
Secure The Customer Journey Through the Shift to Digital Business
Customers should be offered a secure and seamless digital experience – especially first-time users or those who are not tech savvy. As customers demand greater choice in their interactions with companies and expect greater digital availability, cybersecurity teams can add value by helping their institutions reimagine the secure customer journey. Several cybersecurity levers should be prioritized here:
- Frictionless Customer-Security Experience
Advance capabilities on customer-identity and -access management, including the use of a single customer identity across all digital channels and of omnichannel authentication.
- At Scale
Test cybersecurity controls (such as log-on controls, bot mitigation, network security, and firewalls) and monitoring to understand whether they can continue to perform at scale. Determine whether there is adequate redundancy in high-volume environments without adverse impact on user experience.
- Privacyby Design
Treat customers as partners in security, involving them in an education and awareness campaign.
- Advanced Analytics
Integrate security in fraud controls and vice versa. Feed security data (including log-on, device-binding, and jailbroken-device information) to heuristic risk-model engines that can improve authentication or stop a fraudulent transaction.
In the next normal, cybersecurity will be embedded into new processes and technologies as a strategic imperative rather than as an afterthought. It is therefore more important than ever that cybersecurity leaders understand the ongoing changes in how their business is creating value. With such understanding, these leaders can dynamically modify priorities to reflect new business requirements, opportunities, and constraints.
Learn more about how ClinkIT Solutions can Secure, Optimize, and Synchronize (S.O.S.) your business cybersecurity through certified CISO (Chief Information Security Officer) services. Get started today.