Looking beyond the pandemic – how security and continuity strategies may change
- Published: Wednesday, 27 May 2020 08:19
Businesses are facing unprecedented pressure amidst the current global pandemic, and while most will be focussed on surviving through COVID-19, it is also vitally important for organizations to consider what their security and continuity strategies will look like post-pandemic. Continuity Central spoke to six technology executives for their thoughts on this.
Automate where possible
“For years now, we have lived in an age of alert overload, with security, risk, compliance, and response teams overwhelmed by the data points they receive,” says Richard Cassidy, Senior Director Security Strategy at Exabeam. “All too often in the news, we see the result of critical alerts and events slipping through the defensive net. As we plan for a new normal, we need to consider how we can better support our security teams and automate as much of the more time intensive and mundane tasks as possible. This will help security professionals better protect their organizations, and will help more junior analysts do more to support their team. But we also need to rethink security operations centre / center (SOC) practices – the attack surface is far greater now and IoT security is a bigger risk vector than ever before. Organizations need to cast their net of inspection far wider now. The home office is the new corporate cubicle, and security teams will need to detect anomalies from home networks, users and devices – sources that are far easier to compromise, because they inherently lack security capabilities.
“Key to this is a foundation of behavioural analytics that can help detect attacks and automate incident response. This frees up security teams enormously by using existing datasets to detect anomalies across the entire estate and monitor critical assets to find early signs of suspicious activity. When presented with the most critical information and with all of the necessary context, security teams can better respond, mitigate, and remediate the many threats they are faced with.
“Continuing to apply legacy approaches in a new normal will not work – it wasn’t working before. Organizations should look at this period of great change as a catalyst for innovating, evolving and enhancing their approach to security.”
Time to prioritise for the long-term
Jeremy Atkins, UKI Sales Director – Enterprise & Public Sector at Commvault, says, “Right now, IT leaders should be thinking about how to deliver the right service, securely and efficiently, as long as the lockdown endures. Not only this, but they should be thinking about how this situation has affected their long-term IT strategy, and how much they need to change it so it best aligns with the new normal.
“There are key questions the senior IT executive must ask themself. Do endpoints have adequate protection? Are you protecting the data in the cloud? Have you reviewed and updated your operational processes? Have you reviewed and updated your contingency plans?
“It is vitally important at this time for businesses to think about what they currently have on their IT agenda, and assess whether some projects can be put on hold. Now is the time to focus on what needs to be done in order to secure and enable the business, then build the new programme that will make life easier and more flexible in the future. Whilst the current situation may be temporary, it still leaves plenty of opportunity for disaster and attack both from external and internal sources. Along with the speed and scale of this change, we cannot exactly pinpoint where we will be in six, 12, 24 months, so it is best to be prepared for whatever the future may hold.”
More sophisticated data protection
Google reported that it had blocked more than 18 million COVID-19 related phishing emails every day during the first week of April. Steve Blow, UK Systems Engineering Manager at Zerto, says “it is not surprising that cybercriminals are taking advantage by executing ransomware attacks amidst this pandemic, as many organizations, especially those in healthcare or public sector, face enormous pressures to keep systems up and running. The likelihood of a payout increases with the urgency of the need for patient/customer data to be secure.
“Cybercriminals often exploit vulnerabilities in employee emails, so it is crucial to have the right cyber defences / defenses in place to avoid a disaster where critical data could be at risk – especially when it comes to government or healthcare organizations. Having appropriate role-based access control and an extensive tiered security model will help minimise risk. But the attack itself is only half of the problem because, without sufficient recovery tools, the resulting outage will cause loss of data and money, as well as reputational harm.”
Bob Davis, CMO at Plutora, also emphasises the importance of businesses having sophisticated enough technology:
"The basic collaboration tools everyone has flocked to aren't enough for them to communicate the complexities of a software pipeline, much less the health of the software delivery life cycle. Software delivery teams were used to an intricate web of connection, collaboration and communication that has been upended. Though teams that return to the office may be able to get back to what they're used to, many businesses may find themselves continuing this remote model for much longer, either part-time or full-time.
"The solution for each of these scenarios is a VSM (value stream management) product. No matter where people are, they can collaborate in a way that fits their role. VSM provides a single source of truth across an array of remote workers and remote software development teams, meaning that regardless of whether every employee is able to return to the office, they can still work effectively with their teammates. VSM is the foundation for work transparency and provides team members access to self-service learning, ensuring everyone will always be on the same page. It also provides managers with insight into their team without requiring manual documentation and check-ins, again improving efficiency, and helping remote workers to focus on the job at hand, rather than checking in repeatedly every day. As we learn to get back to work, it's crucial that businesses relying on software development start to implement these measures now, to ensure a smooth transition to the 'new normal' of the future."
Connected but secure infrastructure
Jay Ryerse, CISSP, VP of Cybersecurity Initiatives at ConnectWise, points out:
“Businesses need to ask themselves, how did they digitally transform their organization to allow all or the majority of their employees to work from home? Did the rush to do so create any security vulnerabilities? So the conversations that need to take place are how can they slowly bring employees back into the workplace – not only without risking the spread of disease even further, but also in a way that is secure and safe on a digital front.
“It’s important to consider that not all employees will want to come back to the office full time. Also, with the requirements of social distancing likely to be long-lasting, many organizations will have to implement designated work-from-home and in-office days for different teams. This will clearly impact how organizations purchase IT infrastructure going forward, for example, buying more laptops instead of desktops. That also means they will need to train employees on using a VPN connection to ensure the business can control whether the data flow is secure without putting the organization at further risk from using BYOD.”
Thinking beyond the temporary
We are living through a monumental turning point right now in the form of COVID-19. For years to come, there will be a rhetoric of ‘before and after’ the global pandemic – so much so that many people are already beginning to wonder what the ‘after’ has in store.
“For many businesses around the world, the upheaval caused by the virus has been nothing short of chaotic,” comments Alan Conboy, Office of the CTO at Scale Computing. “Deploying a work-from-home strategy smoothly and securely, as well as the enormous spike in ransomware attacks during recent months, have been the root of concern among many business owners, governments, and schools. The focus for all organizations right now, and post-pandemic, must be business continuity: investing in systems that combine preventative measures and planned reactive measures to ensure that an organization can continue doing business, despite potential threats, like those caused by the pandemic. In the IT world, this may include backup, disaster recovery (DR), easily deployed work-from-home solutions, and cyber security.”
Conboy concludes: “While in the midst of the chaos it may seem irrelevant, or even a waste of time, to think longer term about business continuity, the potential for many organizations to keep a vast majority of their workforce working remotely, even as we begin to come out of the other side of COVID-19, in order to save on the cost of an office space, means it would be wise for organizations to consider investing in solutions and processes that are simple to implement, manage, and maintain remotely. Solutions that have built-in backup and DR, allow users to work remotely, safely, and securely, and provide protection from ransomware are becoming increasingly important in the new and uncertain times we are living through.”