Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/9/2020
10:00 AM
George Gerchow
George Gerchow
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond

As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.

The speed in which COVID-19 has evolved has prompted new ways of doing business and added responsibility to the everyday role of cybersecurity professionals and C-level leadership. Recent research from (ISC)² shows that 81% of security professionals have seen their roles evolve in response to the ongoing pandemic, and 23% have seen an acceleration in cybersecurity incidents.

For a chief security officer, traditional priorities include data governance and strategic security policies. However, due to the shift to remote work and increasing business pressures during the ongoing pandemic, that role has evolved to also encompass employee safety and productivity so the company can continue to deliver products and support its customers and partners. As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible by adopting an employee-first mindset, to keep the entire organization aligned. Here's how:

Step 1: Establish an emergency management team with key stakeholders. Schedule regular (if not daily) meetings to ensure issues are being addressed and strategies are being changing as needed in real-time. This team should have full business representation, including executive staff, regional leaders, and security operations representatives. Although many businesses may currently have these teams in place, it's important that proactive planning remains a top priority even as offices begin to reopen. This team, and the lessons they provide, will be crucial for any future pandemics or crises that pose a threat to business continuity, allowing employees to act faster and make informed decisions.

Step 2: Monitor expanded attack services including insecure home VPN systems and data. Due to the rise of remote work and expanded attack services, phishing attacks have also seen a significant acceleration with employees being enticed by fake password management, executive updates, and GoFundMe messages. To decrease the impact of these attacks, it's important to keep employees informed of the latest threats and how they can protect themselves or seek support if they have become a victim. Employee education is essential, including training on how to lock down home routers with complex passwords and leverage data loss prevention (DLP) technologies.

Step 3: Empower leadership teams with prescriptive information to help inform business decisions that empower secure, reliable operations. As the impact of the pandemic continues to evolve and regional areas are affected differently, CSOs and CISOs must stay informed of all security and operations across all business units in order to regularly update leaders with the most relevant and up-to-date information. For example, if leaders are making decisions on extended work-from-home policies or strategies for reopening offices, they will need to know if the resources are there to support a decision from the standpoints of both business operations and employee security with best-practices documents or contingency plans if new cybersecurity threats arise.

Step 4: Maintain a "pulse" on your employees through real-time chat and collaboration technologies. Regularly monitoring these channels is a good way to stay on top of questions and concerns in order to make the necessary strategy adjustments. In these types of situations, overcommunication is key. Employees, customers, and partners are all eager to hear from organizational leaders during this time. However, content must be relevant and strategic. It's important that the dialogue is led with an understanding tone that takes into account the current situation as it relates to relevant stakeholders and the challenges they face.

Step 5: Sustain a mindset that goes beyond your CSO title. Instead of just looking at things from a technology perspective, it's critically important to assess the human impact as well. This means being empathetic to people's needs and work styles. While a CSO's job is to maintain secure business operations, during these challenging times, it's crucial to ensure that employees are staying engaged and aren't overworked, and that customers and partners feel supported. A human-first approach to security leadership will have long-term benefits to employee and customer collaboration and retention.

Related Content:

 

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register

George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Gerchow has years of practical experience in ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.