Ali Abbas
Future Ready: 5 considerations for Security Operational Transformations in the ‘new normal’
In the first of the Future Ready series, AJ Khan explores strategies for operational transformation and lists the 5 keys to success.
In this new series, CUBE, in collaboration with the Canadian Regulatory Technology Association (CRTA), speaks to industry experts about cyber strategies in the ‘new normal’. As the coronavirus pandemic has swept the globe, businesses have been forced to re-examine their approach to cyber.
Are you ready for the #cybernewnormal?
The COVID-19 pandemic has forced all organizations – from financial institutions to the automotive industry – to re-examine their approach to ensuring cyber resilience in the new normal. The operational transformation undertaken by organizations to enable the Work-From-Home (WFH) workforce has introduced new risks in the corporate ecosystem. These risks need to be identified and their impact assessed to better protect businesses across the globe.
The top five areas of concern that need to be addressed for the risk assessment of this new Operational Transformation are:
1. Acceptable Devices
COVID-19 has increased, and in some cases introduced, the use of ‘bring your own device’ (BYOD) as an organizational enabler for WFH in the new normal. This means that organizations need to have a defined BYOD Policy that enumerates the acceptable devices that can be used for corporate work. This policy must also address the concerns raised by the lack of separation between personal and corporate data and the increased chance of data leakage that BYOD enablement brings. The key to maintaining security in the WFH environment is to ensure endpoint management and to limit access to data based on the principle of least privilege.
2. Infrastructure Changes
COVID-19 has accelerated organizations’ embrace of perimeter-less architecture. Firewalls and VPNs are no longer enough to ensure the protection of critical organizational assets. A more holistic cyber governance strategy needs to be in place which focuses on data as the core asset. This cyber governance strategy needs to identify and protect the global systems where the organization’s data is being processed, stored, or transmitted. As this might include third-party SaaS apps, an infrastructure strategy needs to be fully adopted that enables CASB (Cloud Access Security Broker) and Federated ID solutions.
3. Incident Reporting
A WFH-enabled workforce has greater reliance on incident reporting. This means that the Cybersecurity Incident Management Policy must be clearly defined and effectively distributed among the workforce. This policy must precisely specify the criteria for reporting an incident in the new WFH environment. It should also provide guidance on the initial reporting notification and the methodology used to detect, identify, report, and recover from the incident.
4. Greater Movement to the Cloud
COVID-19 has greatly increased the usage of the cloud. However, one of the major challenges of moving to the cloud is cloud governance. An organization needs to ensure that a cloud governance framework is in place that provides guidelines for the development, operations, and assessment of cloud apps. The increased reliance on cloud apps also means that there is greater exposure of organizational resources that need to be secured to limit data breaches. The organization’s risk management team must assess this increased risk and ensure that effective controls are in place to mitigate the enhanced risk profile of the organization.
5. Remote Tools
There is a greater reliance on remote tools in the post-COVID-19 world and this has raised concerns about privileged accounts and operational security. An increased reliance on personal devices means that there is less oversight, and this increases the threat of malicious insiders. Furthermore, enhanced remote access to resources could allow threat actors to escalate their privilege within a system. Hence, companies must closely manage any privileged access across their networks. This has increased reliance on effective security monitoring and logging of interactions within and from outside a company’s own network.
To summarize, the post-COVID-19 world has only further highlighted the importance of Governance, Risk & Compliance to ensure the confidentiality, integrity & availability of critical assets of any organization. This aim can be met by developing effective cyber policies & procedures that meet the cyber challenges of the WFH environment and address the risks presented by this new normal.
Listen to the experts
On the 25th of August, the CRTA and CUBE hosted an audience-led roundtable that discussed the new normal for cyber. You can listen to it on our catch-up service now.