Does COVID bring opportunity for Remote Cyber Security?
COVID-19 has forced us to transform the way we work with many employees still working from home. As a result, companies are re-evaluating their stance on remote cyber security.
Organised crime groups have repeatedly exploited fear, uncertainty and doubt over COVID-19 — repurposing phishing attacks, building fake websites, using specifically targeted ransomware or stealing of data for blackmail purposes. Cyber risk has increased, at least in the short term. The very real possibility of insider threats is also cause for concern. Many organisations are facing an uncertain future. As demand declines, supply chains are disrupted, debt increases and the realisation of cost reductions, restructuring and liquidation grows.
So how to catch up to the new reality?
First of all, organisations are playing catch up. That means re-establishing effective controls over new remote-working models:
- More effective email and web security.
- Dealing with a backlog of patches and updates.
- Rolling out more robust authentication for remote access.
- Review cloud security configurations.
Secondly, businesses must review resilience. What if you have a cyber-attack or a technology outage in the middle of dealing with the extended impact of COVID-19? COVID-19 has forced companies to have a clearer idea of what matters to their business, critical business processes or key individuals. Organisations are establishing crisis management arrangements and to doing so with pace and agility.
Thirdly, comes the challenge of securing an organisation under stress. As government furlough and support schemes expire, companies may see considerable employee redundancies, restructuring, asset disposal and even liquidation. Businesses will need:
- An effective leaver processes.
- To deal with a heightened insider threat from disgruntled employees.
- To advise on secure disposal of assets.
- To try and maintain security when budgets are under pressure.
All of these push employers towards newer security models of ‘zero trust’, which can provide confidence when operating over untrusted networks and infrastructure.
Seize the opportunity
Of course, the challenge of reducing the cost of security will provide a key role too. Many organisations are already looking for cost reductions across many overheads. However, an integral part of evolving with this new remote era will be operating securely in the digital and cloud environment. There’s an opportunity to rethink cyber security and to look at embedding it into core processes such as:
- Robotic process automation around manual security processes.
- Integration with IT key workflows.
- For new managed service and delivery models.
- For new models of risk management: including better tracking of supply chain stresses.
If security is an element of transformation, then we have a genuine opportunity to embed remote cyber security within our core business models, creating a more stable and resilient future.