Operations | Commentary
3/31/2021, 01:00 PM
Dan Dinnar
Advice From Security Experts: How to Approach Security in the New Normal

Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.

A year ago, work from home (WFH) emerged as the "new normal" for organizations seeking to keep their staffers safe from COVID-19. Today, companies are viewing WFH as simply, well, the norm, as 83% of IT managers are planning or have planned for a long-term transition to remote working.

In many circumstances, the arrangements have increased productivity and efficiency. But they also bring risks: three-quarters of IT professionals are concerned that their response to security threats is less effective because employees are working remotely, and 63% have less than 90% visibility into their remote endpoints. Seven in 10 say the pandemic has negatively affected their ability to patch endpoints and enforce compliance.

Given the challenges, we recently asked a selection of top security managers and executives about their experiences. We wanted to know what's the biggest lesson they've learned after a year of WFH, and how they advise their counterparts at organizations to proceed as a result of those lessons. Here's what they told us:

Steve Zalewski, CISO, Levi Strauss & Co: "Now is the time to double down on security awareness training for your company. After a year of transition from 'work in the office' to 'work from home' to 'work from anywhere' to 'work from everywhere,' people are stressed, fatigued, struggling with work/life balance, and generally feeling overwhelmed. This has created a bonanza for attackers who use phishing and social engineering attacks. Targeted attacks are on the rise as well. So get creative with your education and testing, be persistent, and don't let your people give in to the COVID fatigue, false sense of security that home environments can create, and targeted attacks. Every click we can prevent saves us hours of incident response time chasing down compromised credentials or lost revenue."

Timothy Myers, CISO, Missouri Employers Mutual: "Don't try to figure it all out on your own. Develop a peer group and schedule regular conversations to share information on trends, projects, threats, etc. If you can afford to, use a well-established security consultant to do vulnerability and penetration assessments to see if that perspective maps well with where you think you are."  

Britney Hommertzheim, Director of Cyber Threat Operations, Cardinal Health: "Embrace the uncomfortable. Right now, many people are in a state of flux. Use this as an opportunity to provide a solution for your business that also provides a security benefit."

Gregory Matthias, CISO, TCF Bank: "It's more important than ever to work with your partners to understand risk across the organization and not just tech risk. Secondly, you need to be at the table and become an enabler of faster digital transformation."

Shinesa Cambric, Manager of Security Architecture, Vistra Corp: "This is a time to rethink cyber processes and integrations and the messaging around that. There is a huge opportunity to use the message of a 'fresh secure start.' Security managers and teams should take advantage of migrations to the cloud to reset and reinforce the image of security — that security being integrated and built into their tools and platforms is a value-add and a distinguisher, rather than using a 'fear, doom, and loss avoidance' message to get buy-in for security."

Aimee Martin, Director of Information Security, Vista Outdoor: "Determine how to cut costs in the right places but spend the money in the places that add the most value. Rethink business resiliency and protect the critical assets and data in your environment."

Judy Hatchett, CISO, Surescripts: "Be flexible, invest in tools and strategies that solve more than one problem. Invest in your people."

Nathaniel Cole, Director of Security, MSTS: "Leaders need to be acutely aware of massive disruption to everything in 2021 — remote workforce may or may not continue — then we are looking at huge disruption in real estate and others. Deploy security without brick and mortar. Truly reevaluate end-user behaviors, grant access, identity access, onboard, and offboard. The short term will be hard, but we will all be better off in the long run as a result of the work done now."

We can't predict with absolute certainty what the state of WFH/remote work will look like a year from now. But we do know that cybersecurity professionals will seek to continue meeting the many new challenges that extraordinary circumstances bring. By closely aligning IT goals with business strategies and a flexible, agile, and value-first mindset, CISOs and their teams will more effectively prepare their organizations for current "norms" — and whichever new ones come next.

Dan Dinnar is the CEO of Source Defense, a 20+ year veteran of executive leadership, deal making, and strategy in the IT/security industry. Dan was most recently the Co-founder & COO of Hysolate, a Team8 company. He also was the CEO of HexaTier (formerly GreenSQL), and led ...