Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/9/2020
10:00 AM
George Gerchow
George Gerchow
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond

As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.

The speed in which COVID-19 has evolved has prompted new ways of doing business and added responsibility to the everyday role of cybersecurity professionals and C-level leadership. Recent research from (ISC)² shows that 81% of security professionals have seen their roles evolve in response to the ongoing pandemic, and 23% have seen an acceleration in cybersecurity incidents.

For a chief security officer, traditional priorities include data governance and strategic security policies. However, due to the shift to remote work and increasing business pressures during the ongoing pandemic, that role has evolved to also encompass employee safety and productivity so the company can continue to deliver products and support its customers and partners. As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible by adopting an employee-first mindset, to keep the entire organization aligned. Here's how:

Step 1: Establish an emergency management team with key stakeholders. Schedule regular (if not daily) meetings to ensure issues are being addressed and strategies are being changing as needed in real-time. This team should have full business representation, including executive staff, regional leaders, and security operations representatives. Although many businesses may currently have these teams in place, it's important that proactive planning remains a top priority even as offices begin to reopen. This team, and the lessons they provide, will be crucial for any future pandemics or crises that pose a threat to business continuity, allowing employees to act faster and make informed decisions.

Step 2: Monitor expanded attack services including insecure home VPN systems and data. Due to the rise of remote work and expanded attack services, phishing attacks have also seen a significant acceleration with employees being enticed by fake password management, executive updates, and GoFundMe messages. To decrease the impact of these attacks, it's important to keep employees informed of the latest threats and how they can protect themselves or seek support if they have become a victim. Employee education is essential, including training on how to lock down home routers with complex passwords and leverage data loss prevention (DLP) technologies.

Step 3: Empower leadership teams with prescriptive information to help inform business decisions that empower secure, reliable operations. As the impact of the pandemic continues to evolve and regional areas are affected differently, CSOs and CISOs must stay informed of all security and operations across all business units in order to regularly update leaders with the most relevant and up-to-date information. For example, if leaders are making decisions on extended work-from-home policies or strategies for reopening offices, they will need to know if the resources are there to support a decision from the standpoints of both business operations and employee security with best-practices documents or contingency plans if new cybersecurity threats arise.

Step 4: Maintain a "pulse" on your employees through real-time chat and collaboration technologies. Regularly monitoring these channels is a good way to stay on top of questions and concerns in order to make the necessary strategy adjustments. In these types of situations, overcommunication is key. Employees, customers, and partners are all eager to hear from organizational leaders during this time. However, content must be relevant and strategic. It's important that the dialogue is led with an understanding tone that takes into account the current situation as it relates to relevant stakeholders and the challenges they face.

Step 5: Sustain a mindset that goes beyond your CSO title. Instead of just looking at things from a technology perspective, it's critically important to assess the human impact as well. This means being empathetic to people's needs and work styles. While a CSO's job is to maintain secure business operations, during these challenging times, it's crucial to ensure that employees are staying engaged and aren't overworked, and that customers and partners feel supported. A human-first approach to security leadership will have long-term benefits to employee and customer collaboration and retention.

Related Content:

 

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register

George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Gerchow has years of practical experience in ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
The Yellow Brick Road to Risk Management
Andrew Lowe, Senior Information Security Consultant, TalaTek,  11/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: He hits the gong anytime he sees someone click on an email link.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7779
PUBLISHED: 2020-11-26
All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, [email protected]-----------------------------------------------------------!.
CVE-2020-7778
PUBLISHED: 2020-11-26
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.
CVE-2020-29128
PUBLISHED: 2020-11-26
petl before 1.68, in some configurations, allows resolution of entities in an XML document.
CVE-2020-27251
PUBLISHED: 2020-11-26
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution.
CVE-2020-27253
PUBLISHED: 2020-11-26
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.