The Covid-19 pandemic has created huge pressures for businesses across the world as they strive to retain some semblance of business as usual under the most extreme of circumstances.
For cybersecurity professionals, this challenge has taken on a dual emphasis, as they have had to contend not only with maintaining business continuity, but also ensuring that customers, suppliers and other stakeholders are protected from hackers who have used the pandemic to launch attacks in a multitude of different ways.
During April, Google revealed that there were around 18 million phishing and malware emails detected every day on Gmail in messages related to the virus.
Cybersecurity professionals have also had to cope with widespread commercial disruption, with core dimensions of the business affected. Supply chains have had to be reconfigured, relationships with regulators have intensified, and new channels have emerged for customer relationships. The teams themselves have had to cope with the disjointing impact of remote working, with few cybersecurity staff expecting to go back to a physical office any time soon.
A dual mindset
It’s a situation that will require information security and cybersecurity teams to view the near future through the twin lens of commercial and security. This will require not only the securing of the new remote working platforms companies are installing, but also anticipating the changes that will emerge across the business as an attempt to create a ‘new normal’ is undertaken. There will inevitably be disruptions to workflows, to supply chains, to channel partners and other stakeholders over the coming months, and it’s crucial that security staff are heavily involved in these plans so that security is embedded by default.
Encouragingly, the pandemic has seen cybersecurity pushed to the frontline as attacks have become more common, not to mention harmful. Just as health and safety has transitioned from being seen as a barrier to progress and development towards a crucial part of getting things done, so too has cybersecurity undergone such a shift in perception.
The lockdown period has seen a general focus on three core areas of activity among cybersecurity teams:
- Directly tackling hotspots - The shift to remote working has forced many teams to adopt ad hoc systems that lack the security of on-premise networks, so teams have had to secure these new networks whilst also ensuring any training gaps are addressed and digital hygiene is maintained.
- Patching up operations - The early days of the pandemic saw a great deal of disruption to our ways of working, and so a lot of ad hoc processes were introduced to make such changes in such a short space of time. This typically saw reductions in security forced through to ensure operations could continue, but as organizations became more attuned to the new methods, many security protocols were re-introduced.
- Making key digital gains - As new ways of working began to embed in the minds of workers, organizations have begun to standardize security processes for remote working. There have also been clear moves to fortify consumer security and fraud prevention processes.
The new normal
The early months of the pandemic have been typified by a real sense of adapting on the fly to events as they unfold. As those early processes have been embedded, and teams have had a modicum of breathing space, they have begun to look ahead at what the next normal might look like. This is involving a number of steps, including:
Ensuring new ways of working are secure - Many commentators expect the remote working boom forced upon us by Covid-19 to endure beyond the crisis, and so a combination of a range of approaches is likely to be adopted, including:
- Better use of cloud-based tools and infrastructure to provide the agility organizations need.
- The extension of operational defenses to include things such as insider threat detection as the workforce adopts remote working as default. For instance, this could include restricting use of company tools by family members, or helping employees manage their stress levels.
- A fresh approach to workforce privacy, especially as organizations introduce measures to track and trace infected employees.
Ensuring new customer journeys are secure - Covid-19 has had a profound impact on customer experience, with many adopting digital channels for the first time. This has created clear trade-offs between making such an experience easy and making it secure. Looking forward, there are a number of things cybersecurity teams will need to consider, including:
- Ensuring that new cybersecurity processes, such as bot mitigation or firewalls, can function effectively and efficiently at scale.
- Ensure that privacy is built into digital channels by design, which will require teams to involve customers in the process and make strong use of education and awareness campaigns.
- Render the customer security experience as seamlessly as possible via the use of a single customer ID across all channels, and therefore enable customers to transact across mobile, web, and telephone in a seamless way.
Ensuring new supply chains are secure - Effective security is a collaborative endeavor, and therefore third-party and channel-partners are vital parts of your security efforts. To ensure the network is as resilient as possible will require cybersecurity teams to consider things such as:
- Widening assessment coverage so that it covers more vendors and shadow third-party services.
- Build joint resilience with your supply chain partners, with security-assessment controls helping to test the robustness of your network.
- Collaborate with the supply chain using secure remote-collaboration tools that take account of the security implications of changes in business conditions for your partners.
It’s increasingly clear that modern cybersecurity professionals need more than just technical skills in order to thrive. By adopting a dual mindset that takes into account the commercial realities for your organization, you can ensure that you remain secure during this period of unprecedented change.