How to approach cybersecurity in the post-COVID-19 world

COVID-19 is changing everything. Along with social distancing, disrupted supply chains, fragmented workforces, and the rise of, and reliance on, video meetings and conferences, the pandemic is driving acute systemic changes in consumer and business behavior. These changes are causing an outbreak of new and unanticipated business moments.

As digital solutions such as web conferencing apps and file-sharing servers are now more sought after to better enable remote working and collaboration, they also increase the number of vectors for cyberattacks.

Adapting to the new change

Businesses must first secure remote access and collaboration services to strengthen business continuity. Visibility over all data assets needs to increase and vulnerabilities need to be patched, ensuring resilient access management is in place. Lastly, establishing a strong culture of cyber hygiene and providing resources to the workforce are crucial, so that good cyber habits can be fostered.

Following that, greater measures need to be taken in the near term and honed after the initial security updates. Over the next three to six months, businesses must look towards a greater understanding of their security posture and the effectiveness of their security controls. This will then enable them to make the right decisions by prioritizing the right actions to manage and mitigate attacks accordingly. The next goal will be to secure end users and all generated data. As the number of cybersecurity threats rises, investments in security need to be made to safeguard the business. Longer-term solutions will be dependent on the business and its needs, though the security of its processes and architectures should still be reinforced based on its growth trajectories.

It is important to establish a cyber ecosystem to counter cyberattacks, which is why a solution that offers a single-pane-of-glass view of the IT environment is beneficial in uplifting defenses quickly where needed.

Investing in a Security Operations Center (SOC)

SOCs are responsible for operationalizing security. They are beneficial for large organizations with hundreds or thousands of assets and people – a scale too large for a security team. SOCs can adapt and update themselves with new approaches to threat hunting, placing themselves ahead of cybercriminals’ new methods of attack. Through the use of artificial intelligence (AI) and machine learning (ML), threat intelligence is growing, and employing defensive frameworks like MITRE ATT&CK can assist with risk-based alerting and incident handling. A Security Orchestration, Automation, and Response (SOAR) tool can then automate the containment of threats before they become an issue.

Ultimately, perfect prevention is not possible, so businesses should emphasize visibility and response speed. The priorities for future investments in SOC capabilities are improving the ability to respond to confirmed attacks and enhancing the ability to detect signals of potential attacks. All this can then aid the business with faster mitigation where necessary, across the entire workforce.

Cybersecurity in the future

The pandemic is a black swan event that has exposed weaknesses, but it has also illuminated strengths that can be adapted into the future. Digital transformation and security transformation go hand-in-hand to empower the workforce to work when, where, and how they need to, with the devices and apps they are most familiar with, while knowing they are fully secure. Greater understanding and management of organizational cybersecurity will be the foundation of a future-ready workforce.