The COVID-19 pandemic has forced organizations in every industry to rapidly reinvent their operations to accommodate near-total work-from-home (WFH) arrangements. This transformation has created a new cybersecurity landscape with a heightened volume of threats, vulnerabilities, and malicious activity. Following the outbreak of the pandemic, we’ve seen:
- Cybercrime reports quadruple, according to the FBI.
- The creation of new COVID-19-themed attacks, including new phishing lures and the launch of fraudulent websites posing as relief activities.
- Greater use of web meeting platforms (e.g., Zoom, Teams), increasing the risk of new attacks, unauthorized recordings, and surveillance concerns.
Recalibrating defenses for these new threat vectors and ways of working takes priority. But once an organization has stabilized its current state, leaders must look ahead and prepare to secure post-pandemic operations. This means focusing on execution-oriented insights that enable rapid response to an ever-evolving threat landscape.
Mapping the Post-Pandemic Operational and Security Landscape
Once you have adapted your operations in response to the crisis, you can identify opportunities to strengthen operations long term. Forbes describes the pandemic as a “before-and-after moment” for many organizations’ digital transformation efforts, creating a “forced acceleration” of trends like telecommuting and cloud adoption. Leaders report that pandemic-related technology adoption has been “overwhelmingly positive” as their workforces have increased productivity, created a stronger sense of virtual and inclusive community, and recognized the upside of remote work.
In sum, the pandemic has forced many organizations to rapidly develop and adapt to new ways of working, and these changes are delivering benefits. Leaders who want to maintain these benefits will likely maintain many of their remote operations after the pandemic recedes. To do so, however, they will need to account for a new cybersecurity landscape.
There are two vectors of post-pandemic security that organizations can begin to plan and prepare for: a new people strategy and a new operational context.
Even in the best security contexts, an organization’s people are a common source of vulnerabilities. According to Ponemon, insider threats—which include unwitting insiders—have grown by 47 percent over the last two years. The costs associated with insider threats have increased 31 percent, reaching $11.45 million per incident. Perhaps most troubling, 62 percent of these insider threats were unintentional and caused by simple human error.
These data points underscore the importance of a plan to address the people-related element of security after the crisis ends. Most organizations should consider two sets of people when planning their post-pandemic security strategy: those who return to the central offices and those who remain primarily (or entirely) WFH employees.
In both cases, organizations must recognize that because the transition to a WFH model happened quickly, security was often deprioritized to achieve business continuity as quickly as possible. This reality has two implications for leaders who are planning a security strategy moving forward:
- For people who remain WFH employees, now is the time to establish end-to-end security and governance for their devices, applications, and processes.
- For people who will return to the central offices, organizations need to ensure that they do not bring back any compromised digital assets they accumulated while working remotely.
For both groups, this moment of transition affords your organization a unique opportunity to define a new shared understanding of security risks and align to a defined set of security policies and procedures. In this process, it is critical to engage every employee in the organization, based on his or her individual security maturity, to build collective awareness of the importance of security.
Organizations must also recognize that moving their people to a new working model necessitates a new operational model for technology systems. The shift to a remote working model has placed new demands on organizational networks. As IDG reports, “network operators all around the world have reported massive upticks in their broadband usage, with short-term spikes that would ordinarily be expected over the course of a year…creating serious concerns over whether the physical networking infrastructure will be able to keep up.”
Specifically, the crisis has produced an uptick in traffic and bandwidth requirements from platforms driving remote work. Zoom alone has reported 20- to 30-fold growth in active users since December, while Microsoft saw a 775 percent spike in Teams usage in Italy. The source of traffic is also changing, with a shift away from urban business centers and office parks towards suburbs and other distributed locations.
With a more decentralized workforce comes a greater dependence on bandwidth and network capacity management, which can become complicated when combined with a diversification of network devices. Organizations must redesign their technology systems and policies to support the shift in demand and devices, such as an increase in Bring Your Own Device (BYOD), an expansion of firewalls, and the potential need to provide substantial VPN services.
This complexity can be intimidating, yet it also presents you with the opportunity to refocus your security strategy. The business case for hardening network defenses and accounting for the new realities of the cybersecurity threat landscape has captured the full attention of the C-suite.
From Today to Tomorrow: Looking Ahead
As you build your revised vision for cybersecurity, considering the shifts in both the threat landscape and ways of working, you must still defend against the critical threats of the moment. For most organizations, that will entail two core activities. Both will require you to gather execution-oriented insights that lay the foundation for a stronger security blueprint long term.
- Reassess WFH technology, architecture, and policy. Reevaluate the technology and governance systems your organization adopted to drive business continuity. One place to start is by revisiting your choices for remote video meeting and collaboration solutions, as these platforms have been fundamental building blocks for new ways of working. Organizations can also reconsider the technologies that monitor and secure employee home environments, as well as sharpen their remote incident response capabilities.
- Fill gaps in cybersecurity skillsets. The world already faced a shortage of cybersecurity professionals prior to the crisis, with 76 percent of cybersecurity leaders confronting skills shortages. According to a recent Wall Street Journal article, CIOs are taking advantage of the softer labor market to fill hard-to-fill roles, including cybersecurity, systems architecture, and advanced software development. Other industry experts anticipate a slower pace of product implementation, paired with a stronger emphasis on hiring for IT, infrastructure, and security positions. The emerging challenges of a remote workforce and virtual business operations compound the negative effects of the skills shortage. Start with an assessment and evaluation of your organization’s current skills in the context of your security strategy. This exercise may surface gaps in the current skills mix. Any gaps that create serious security issues should be prioritized.
These core activities put organizations in a much more powerful position to carefully plan, provision, and prepare defenses for post-pandemic operations. Leaders have an opportunity to correct security issues surfaced through the operational stress test of COVID-19. From there, they are equipped to develop a long-term strategy to realign defenses for future ways of working.