Cybersecurity professionals are always prepared to adapt. Our function is centered around potential risk and the ability to instantly respond to new threats and events that could put our organizations and their people in harm's way. An enormous amount of preparation and planning always needs to be in place — with a clear process and playbook to execute or a fundamental capability to fall back on in any given scenario.
But in March 2020, the world faced a scenario beyond the scope of anything we'd seen before. Companies were forced to move from reasonably well-defined enterprise infrastructures inside office buildings to a wide range of individual remote users signing in from countless access points across the world. From a cybersecurity perspective, the technology was already in place; remote employees have existed for years, as have the cybersecurity measures to keep them protected. The challenge was delivering this protection at unprecedented scale and speed while still maintaining cybersecurity best practices.
One year into the pandemic, there are many lessons we have learned. Here are the top three that made the greatest impact on the new normal of cybersecurity:
1. In a Crisis, Cyber Resilience Is an Essential Business Enabler
The pandemic ignited an explosion of digital transformation. Instant pivots to remote operations meant pushing forward with technology investments in cloud, connectivity, automation, and innovation that may have taken months or years to implement in normal times. As the world began relying on these new digital capabilities, new risks and challenges were introduced. Organizations that were well-equipped to extend visibility and control to this new way of working found themselves in a far better situation than those that were scrambling to completely reengineer their security capabilities. The ones that had built an empowered and proactive security team, backed by robust processes and supported by effective technology, were able to adapt and overcome. Organizations that were locked into a rigid operational model, overly reliant on vendor platforms or lacking a defined set of processes to support their new reality, struggled to keep pace.
In a Capgemini study conducted in partnership with Forrester in late 2020, 75% of all organizations surveyed said they are increasing their cybersecurity budgets because of COVID-19, and 68% are specifically investing in cyber resilience. Many of these companies are within industries that were heavily impacted by the pandemic, including manufacturing, automotive, life sciences, energy, and utilities.
2. Define the New Perimeter
Since the pandemic began, we have seen an increased emphasis and shift toward zero trust and security access service edge (SASE) principles. With strong identity and access management capabilities, insights into services and APIs, and visibility into remote endpoint devices, security teams can put themselves in position for rapid and effective responses — even within this unique virtual setting. Access to sensitive and confidential data is the new perimeter for an organization's cybersecurity posture. Managing that access closely through the proper security technology capabilities and processes, with clear visibility into who has access to which information, through which avenues, and how/when they access it, has become a top priority — and will continue to be for the foreseeable future.
3. Awareness and Education Have Never Been More Important
COVID-19 has changed the cyber landscape now and likely into the future — with an evolving set of risks and challenges. With so many employees now outside the office walls, insider risks are one of the areas seeing increased focus. Not only is it more challenging for a security team to closely monitor intentional threats, but well-meaning employees detached from the corporate office may circumvent controls or best practices just to get their job done. To combat this, organizations must activate thorough, relatable, and frequent touchpoints to boost cyber awareness among their employees. Showing team members how adversaries operate, helping them recognize and understand the risks, and empowering them to be the first line of defense that stops these intruders at the first chance can go a long way in reducing incidental and unintentional impact. While cyber awareness and education may have been overlooked by some in years past, they are at the forefront of every program's strategy in cybersecurity's new normal.
How to Move Forward
Businesses have undergone enormous change since March 2020. Fortunately, the core principles and fundamentals of cybersecurity remain the same — cohesively joining people, process, and technology to drive effective operations and mitigate risk. Organizations must make the necessary investments to defend and put plans in place to brace for any future disruptions. As we look back on the past year, it's important to recognize the new ways our roles and functions have evolved. Moving forward, we can use these changes to our advantage as we protect our companies — both the physical offices and the global, widespread footprints of remote team members.