Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/9/2020
10:00 AM
George Gerchow
George Gerchow
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond

As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.

The speed in which COVID-19 has evolved has prompted new ways of doing business and added responsibility to the everyday role of cybersecurity professionals and C-level leadership. Recent research from (ISC)² shows that 81% of security professionals have seen their roles evolve in response to the ongoing pandemic, and 23% have seen an acceleration in cybersecurity incidents.

For a chief security officer, traditional priorities include data governance and strategic security policies. However, due to the shift to remote work and increasing business pressures during the ongoing pandemic, that role has evolved to also encompass employee safety and productivity so the company can continue to deliver products and support its customers and partners. As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible by adopting an employee-first mindset, to keep the entire organization aligned. Here's how:

Step 1: Establish an emergency management team with key stakeholders. Schedule regular (if not daily) meetings to ensure issues are being addressed and strategies are being changing as needed in real-time. This team should have full business representation, including executive staff, regional leaders, and security operations representatives. Although many businesses may currently have these teams in place, it's important that proactive planning remains a top priority even as offices begin to reopen. This team, and the lessons they provide, will be crucial for any future pandemics or crises that pose a threat to business continuity, allowing employees to act faster and make informed decisions.

Step 2: Monitor expanded attack services including insecure home VPN systems and data. Due to the rise of remote work and expanded attack services, phishing attacks have also seen a significant acceleration with employees being enticed by fake password management, executive updates, and GoFundMe messages. To decrease the impact of these attacks, it's important to keep employees informed of the latest threats and how they can protect themselves or seek support if they have become a victim. Employee education is essential, including training on how to lock down home routers with complex passwords and leverage data loss prevention (DLP) technologies.

Step 3: Empower leadership teams with prescriptive information to help inform business decisions that empower secure, reliable operations. As the impact of the pandemic continues to evolve and regional areas are affected differently, CSOs and CISOs must stay informed of all security and operations across all business units in order to regularly update leaders with the most relevant and up-to-date information. For example, if leaders are making decisions on extended work-from-home policies or strategies for reopening offices, they will need to know if the resources are there to support a decision from the standpoints of both business operations and employee security with best-practices documents or contingency plans if new cybersecurity threats arise.

Step 4: Maintain a "pulse" on your employees through real-time chat and collaboration technologies. Regularly monitoring these channels is a good way to stay on top of questions and concerns in order to make the necessary strategy adjustments. In these types of situations, overcommunication is key. Employees, customers, and partners are all eager to hear from organizational leaders during this time. However, content must be relevant and strategic. It's important that the dialogue is led with an understanding tone that takes into account the current situation as it relates to relevant stakeholders and the challenges they face.

Step 5: Sustain a mindset that goes beyond your CSO title. Instead of just looking at things from a technology perspective, it's critically important to assess the human impact as well. This means being empathetic to people's needs and work styles. While a CSO's job is to maintain secure business operations, during these challenging times, it's crucial to ensure that employees are staying engaged and aren't overworked, and that customers and partners feel supported. A human-first approach to security leadership will have long-term benefits to employee and customer collaboration and retention.

Related Content:

 

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register

George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Gerchow has years of practical experience in ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: George has not accepted that the technology age has come to an end.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26814
PUBLISHED: 2021-03-06
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service sc...
CVE-2021-27581
PUBLISHED: 2021-03-05
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVE-2021-28042
PUBLISHED: 2021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
CVE-2021-28041
PUBLISHED: 2021-03-05
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
CVE-2021-3377
PUBLISHED: 2021-03-05
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.