A majority of staff is now working remotely, using personal devices, on unprotected networks, and often collaborating via unsecured tools. Obviously, this will result in a number of new or increased security threats across the enterprise.
However, the truth is that the distributed enterprise is here to stay, and remote working is the new normal. From a security standpoint, that means IT teams – and business leaders – must protect the organization from constantly evolving attack vectors and bad actors that staff are seemingly more vulnerable to now, as they work outside the boundaries of the corporate network.
In the pre-pandemic world, organizations had arguably more control over their staff, assets, network, and infrastructure. Yet, security was considered a major challenge. A 2019 survey found that only 30 percent of organizations were very confident about their security posture.
If the survey were repeated in 2020, a downward revision of that figure would be not only expected but also considered natural. In fact, since a lot of organizations were forced to drive into the new normal without a lot of time to prepare themselves, security was simply patched on as first aid, instead of being implemented as part of a well-thought-out plan.
Gartner’s analysts recently assessed the impact that the pandemic has had on businesses and concluded that the accelerated digitization of business processes, endpoint mobility, and the growing dependence on the cloud have exposed legacy thinking and technologies within organizations – including in the security space.
Leaders who are keen to build resilient businesses as they overcome the challenges posed by the pandemic must, therefore, find ways to transform how they manage and respond to security concerns first.
Policy, preparedness, and visibility in the next normal
Businesses seeking to up their security game will do well to segregate the risks they face into three key buckets – remote worker and access policy, cyber preparedness, and security operations and vendor management.
Some might argue that the first bucket, remote worker and access policy, is something that has already been dealt with when millions of staff were enabled to work from home at the start of the pandemic. However, the reality is that many organizations did not have sufficient time to prepare for the move and hence, might not have had a chance to make the most robust choices for their staff.
For this reason, leaders need to understand how access capabilities are tested, how endpoints are secured, and finally, review the plan to prepare those working remotely to steer clear of social engineering attacks, including the more sophisticated phishing attacks that target busy leaders in the organization.
We have worked closely with many organizations to improve their security posture as they transition to remote work. We believe that the best way to make the leap is to adopt a zero-trust framework. From a technical perspective, this involves employing solutions such as remote access VPNs, adaptive multi-factor authentication (MFA), and DNS-layer security, among other things. For the organization, this ultimately means that all staff, irrespective of their location, are protected from known threats and that the security teams are well-equipped to detect and respond to unknown threats.
The next security bucket that leaders must pay attention to is cyber preparedness, which primarily involves incident response along with a renewed focus on protecting employee information.
Truth be told, this is the big one for leaders looking to build resilient enterprises in the coming months because of the significantly expanded attack surface and the constantly evolving sophistication of attackers. Gartner, which recently identified seven security areas to focus on during the pandemic, put incident response first.
According to the market research firm’s analysts, most security and risk management teams are operating in an environment that they’re not familiar with – and are probably not equipped to continue executing on everyday tasks with confidence. Effectively, incident response plans and protocols in most cases are now obsolete.
To remedy the situation, leaders must encourage the response team to review the threat landscape in the new normal and fill in primary/secondary and alternate roles to ensure incident response is as seamless as it can be. Personally, I believe that leaders should facilitate regular cyber-physical drills to keep the organization’s security perimeter as strong as possible.
While incident response is top of mind when thinking of cyber preparedness, business leaders cannot discount the privacy of employee data. Working remotely means employees are personally more vulnerable, and hence, organizations that want to build a resilient enterprise that supports its staff must go the extra mile to restrict collecting data where possible and keep data confidential when collection is critical to comply with regulations or business policies.
Linked closely with incident response and employee data security, the final bucket that business leaders need to be cautious about is security operations and vendor management. Any organization that intends to protect itself from security threats needs to work closely with its vendors and refine its security operations center (SOC). This last bucket, unfortunately, is hardly something business leaders can check off their list without a certain amount of due diligence and preparation.
Resilient organizations need next-gen security
At Cisco, we believe that the next generation of defense must be provided by a platform that offers unified visibility, enables automation, and strengthens security across network, endpoints, cloud, and applications – all without replacing existing security infrastructure or layering on new technology. That’s what SecureX does.
It is the broadest, most robust security platform that connects the breadth of Cisco’s integrated security portfolio with the customer’s infrastructure for a consistent experience.
From a business perspective, SecureX protects staff when they collaborate remotely, while reducing complexity for the organization and helping it better defend against threats and create a better security posture.
SecureX empowers users with measurable, meaningful metrics and analytics to make more informed decisions and accelerate threat response times: 95 percent of customers report that the platform helps them quickly take action and remediate threats.
At the end of the day, security underscores everything we do at Cisco. I’m happy to see that the topic also underpins most of the conversations we have with leaders looking to prepare their organizations for the next normal, and glad that Cisco can help its clients make the right security choices – with confidence.