Corey Nachreiner, CTO, WatchGuard Technologies

The COVID-19 pandemic has placed enormous demands on cybersecurity resources and budgets at a time when organizations need to balance costs and benefits more than ever. At the top of my list for pandemic spend are bolstering your endpoint protection suite, deploying enterprise-wide multi-factor authentication (MFA) and renewing your employees’ security awareness training.

First, your security depends heavily on endpoint protection during this increased work-from-home period. Your employees’ home networks certainly don’t have the same protections as your workplace and, in some cases, may be as dangerous as open, public networks. Without control of the network, endpoint protection becomes your primary means to secure corporate data and assets. Many organizations relied on some form of endpoint anti-virus before the pandemic hit, but to survive today’s untrusted networks, you need to make sure your endpoints have a full suite of security services. The good news is that many modern endpoint protection products include layers of security, such as multiple types of malware protection, a local firewall, disk encryption, system management, patch management, web and email security and even endpoint detection and response. So, make sure your home employees have this type of full-suite protection on their work computers.

The next thing to focus spending on is authenticating your workforce. When your employees work remotely, you can only authenticate them digitally. Presence in your office is no longer a factor in validating they are who they say they are. Meanwhile, authentication is the cornerstone of security. The people you trust have the ‘permissions’ to skate past many of your security controls. If an attacker can somehow steal or replay your digital authentication, they can become you or your users, and bypass many of the defenses you’ve built against the untrusted world. That is why strong digital authentication practices are so important, especially in an increasingly remote and virtual world. We all know passwords are imperfect and get lost and stolen, frequently. Biometrics are convenient, but attackers can bypass them too. The strongest digital authentication doesn’t rely on only one, but many authentication factors. Deploying MFA to all your employees will protect your organization more than many other defense controls.

Last is the security awareness piece. With employees working from home on less trusted networks, with fewer protections, their actual security becomes even more important. It’s in your, and your employees’, interest to have great security awareness training. This doesn’t only help avoid mistakes that could threaten your company, but also helps employees to protect their own personal digital life. Make sure they have clear and effective training, with a special focus on phishing and spear-phishing. Keep in mind, the pandemic has introduced its own new sophisticated phishing lures, so make sure everyone is aware of new scams and emails, and it will be money well spent.

Steve Durbin, Managing Director, ISF

Release from COVID-19 lockdowns across the globe will be complex and drawn-out with several ‘false starts,’ resulting in restrictions being re-imposed. Fears of a further outbreak and reluctance to return to the office will cause delays to resuming normal operations. As CISOs and other business leaders reflect on their efforts to keep the business running, the next phase – adapt – presents another set of challenges. It is a critical time for organizations that will determine their long-term recovery and future success.

As organizations adjust to a new operating environment, the CISO’s role in resuming normal business operations remains vital. As a function leader tasked with protecting the organization’s information assets and technical infrastructure, CISOs need to understand board-level concerns. This involves taking a business view, which relies on close engagement with business leaders and other senior stakeholders. The task ahead is now greater than ever before. Many circumstances remain outside the control of the organization, but where possible, CISOs need to accommodate the business requirements both inside the organization (e.g. operations, workforce and technology) and beyond (e.g. suppliers, business partners, regulators, customers and even the public).

Against this backdrop, a unique situation has arisen for the CISO. Unlike many other functions where the nature of the work has shifted, the workload and expectations for the security function have dramatically increased. While new risks have emerged and are receiving prompt attention, CISOs must also keep existing risks within acceptable levels – all while the organization’s risk profile continues to change, forcing the board to re-evaluate its risk tolerance. Applying established risk management principles will act as a strong guide during these difficult times.

Good risk management will enable meaningful engagement with business leaders on key issues such as:

• Prioritizing business assets for protection
• Profiling threats
• Reducing exposure of assets
• Estimating financial loss

Business leaders will inevitably need to make difficult decisions with implications for budgets, resourcing and program prioritization. However, this is not the time to cut security budgets and put business protection initiatives on hold. CISOs play a pivotal role in helping business leaders make informed decisions about risk. Although a great deal of focus and attention is directed towards supporting and protecting an organization during a time of significant disruption, proactive CISOs are already pursuing opportunities and planning for the future. Whether budgets increase or decrease, risk management and security functions will need to prepare for long-term cost savings, redirection of investment and process efficiencies. The results of these and related benefits will need to be demonstrated to business leaders and stakeholders. Risk management will play a pivotal role in the success of organizations as they resume normal operations.

Jason Soroko, CTO of PKI, Sectigo