A couple quarters into the global pandemic experience, it’s safe to say we’ve all learned a lot. In this blog, I’m going to summarize some of the high-level cybersecurity and business continuity lessons learned.
1. The “scramble” phase is behind us
In the initial months of the publicized coronavirus outbreak and the onset of social distancing, organizations had to hastily figure out ways to send employees home and then get remote users online as quickly as possible. This wasn’t easy. According to new research from ESG and ISSA, 26% of survey respondents claimed that giving remote users access to the corporate network was one of their top challenges. This required implementation or re-configuration of a flurry of endpoint and networking technologies to enable connectivity and basic security. For many companies (depending on the region), this sprint occurred in early March and is pretty much done at this point, but organizations are still in the process of finding and cleaning up a bevy of new cyber risks.
2. Access is followed by user productivity
Once remote workers had access to corporate networks and cloud-based applications, the next move was to make them productive in this environment that was foreign to many of them. This required scaling both security and IT operations – posing another challenge for IT and security teams. According to the ESG research, 62% of organizations say that the rapid move to work from home (WFH) significantly impacted the security team’s ability to support end users. Smart organizations are addressing issues like these by creating and deploying standard configuration templates for user devices. Many organizations have also adopted new types of service desk tools that can scale to help users working outside of traditional security perimeters. When users struggle to install home printers, help desk personnel can quickly troubleshoot problems without long, tedious phone calls with non-technical employees.
3. Organizations are locking down policies
During the scramble phase, access and usage policies and administrator privileges were minimized to get everyone online quickly. Months later, CISOs are slowly fine-tuning policies to mitigate risk. For example, third-party IT vendors need secure access for maintenance purposes, but don’t need the ability to roam free on the network. Organizations are closing these network vulnerabilities. There is also a need to enable end-users without giving them full administrator privileges to their systems. Once again, organizations need granular policy management at scale to address the productivity and security needs of a remote workforce that may have increased in size by many multiples overnight.
4. Insider threats are on the rise
With less oversight and fewer security controls in their way, malicious employee activity is an unfortunate outcome of WFH and the global pandemic. ESG is also seeing more user negligence for the same reasons. CISOs are addressing these problems with stronger password management and least privilege policy enforcement. Many firms have also increased end-user logging, looking for anomalous/suspicious behavior.
Going Forward: A New Remote Work Reality
Now that the initial shock of COVID-19 has subsided, most CISOs I speak with view WFH as the new reality. In fact, the ESG research study found that 68% of cybersecurity professionals believe their organizations will be more flexible about work from home / remote working policies once the pandemic is a distant memory.
What does this mean? Rather than playing “whack-a-mole” with security issues like the ones described above, security teams should be taking a strategic approach to WFH security. Again, this means scaling operations, adjusting policies, and reducing the attack surface by hardening system configurations and enforcing least-privilege access. By crafting a long-term remote work/work from home security program sooner rather than later, CISOs will be able to minimize their enterprise’s cyber risk, while positioning their businesses to adapt and thrive during the coronavirus and beyond.
For an in-depth, research-based exploration of how COVID-19 has changed CISO priorities, check out my on-demand webinar here.
Jon Oltsik, CSO and Principal Analyst at Enterprise Strategy Group (ESG)
Jon Oltsik is an ESG senior principal analyst, an ESG fellow, and the founder of the firm’s cybersecurity service. With over 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.