• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Downloads
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
Network Security, News

5 Principles For Effective Cybersecurity Leadership in Post-COVID

Organizations cannot expect cybersecurity leadership to achieve faultless security in today’s context.

April 1, 2021 Guest Authors Leave a Comment

Gartner Cybersecurity, cybersecurity leadership

As COVID-19 struck suddenly across the globe last year, work-from-home became a new norm for almost every organization. Likewise, cybersecurity operations also faced tremendous new challenges. Now that businesses are slowly transitioning back to on-premises job models, a considerable percentage of employees is still expected to work from home on a rolling basis to maintain social distancing at workplaces.

Cybersecurity leadership, particularly Chief Information Security Officers, are taking strategic and stronger roles within their organizations during this time of crisis that still prevails.

The work structure may have turned hybrid, but there is still a large-scale adoption of work-from-home technologies and a much greater usage of cloud services than ever possibly imagined. This has made it all the more challenging for the leadership to maintain a balance and ensure the safety of their business and informational assets with onsite and offsite workforce.

New Security Challenges in the New Normal

COVID-19 pandemic has opened up never-faced-before challenges for security professionals such as:

  • Work-from-home has allowed for multiple cyberattack vectors to exist due to increased dependency on home networks and personal devices.
  • Potentially easier and more effective social engineering attacks due to a dispersed onsite and offsite workforce.
  • Security Operations Centers (SOCs) that have been designed to identify irregular behaviors have limited visibility due to the new work norms.
  • Public sectors such as healthcare services and hospitals have been particularly hit hard by new types of ransomware that aims at disrupting services and conducting Denial of Service Attacks.

Cybersecurity leaders now need to move beyond compliance monitors and work towards shared risk ownership within the organization.

The daunting challenge for the leadership is to protect the organization’s digital assets and infrastructure while ensuring operations without interruption. For instance, cybersecurity teams are now adjusting their risk management and security programs to enable adoption of cloud services and work-from-home tools.

According to a new report by World Economic Forum titled “Cybersecurity Leadership Principles: Lessons Learnt During the COVID-19 Pandemic to Prepare for the New Normal”, there are five proposed principles to balance short-term goals with medium to long-term goals.

1. Foster a culture of Cyber Resilience

With the digital ecosystem being a dynamic environment, cyber threats often evolve before regulations. During the pandemic, it’s important to prioritize incident response, business continuity and recovery activities. They need to strengthen their employee’s cyber resilient behavior even more than before.

Every day, as employees make decisions impacting security, keeping the organization secure is everyone’s responsibility. Security leaders need to help employees stay secure by regularly training them to identify phishing attempts, scammers, online credit card frauds, and proactively educating them about new techniques arising during the pandemic.

2. Focus on Protecting the Organization’s Critical Assets and Services

Cybersecurity leadership should have a systemic and holistic view of their critical applications, services, assets and suppliers to determine potential consequences of a crisis to their employees, revenue, customers and continuity of important services. Hence, it’s imperative to maintain strong cyber hygiene by keeping an inventory of critical digital assets to ensure a vulnerability management strategy.

They must have a layered access mechanism in place to allow access of critical systems to privileged users.

Related: The ROI of Cybersecurity

For securing remote connectivity, organizations need to implement layered defense for preventing data leakage and detecting suspicious activity from remotely-connected endpoints.

To decrease the time of detection till mitigation, businesses need to invest more and enhance their monitoring and response capability. Remotely monitor collaboration tools, employees and even third parties to catch abnormal behavior on time.

3. Balance Risk-Informed Decisions During and Beyond the Crisis

With business risk posture significantly changed, the leadership needs to balance their risk-informed decisions for post-covid times in the long run. With a high-velocity of new applications developed to cater to the changing market, many have failed to resolve configuration issues or bugs in their applications and introduced them hastily.

Hackers can proactively identify and exploit weakest links in a value chain, and hence it’s imperative to adopt no-trust approach to secure supply chains.

4. Update and practice your response and continuity plans as your business transitions

For every business continuity program, crisis management is a key component. Organizations that focus only on analyzing and mitigating risk cannot handle sudden crisis very well. For a crisis as big as the pandemic, it’s important to build a cross-functional team with a detailed plan to orient individuals with diverse roles.

As digitalization continues to accelerate, managing cyber risk should adapt with speed and agility to align effectively with risk appetite and strategic business priorities.

5. Strengthen Ecosystem-wide Collaboration

Private and public-sector leadership should collaborate and ensure participation in initiatives to secure ecosystem against existing and emerging cyber threats. Moreover, businesses must also come on the same page with suppliers to implement cybersecurity controls for encouraging third-party regulatory alignment.

The Way Forward

Organizations cannot expect cybersecurity leadership to achieve faultless security in today’s context. However, effective management of cyber risk can help businesses achieve faster and smart transformation and stay ahead during these uncertain times. The end goal of businesses is resilience.

Tagged With: Cybersecurity

Related Content:

  • Google BeyondCorp Enterprise Google Releases Chrome Privacy, Security Fixes
  • Chris Krebs CISA fired, CISA Ransomware Campaign U.S. Agencies: Russian SolarWinds Hackers Leveraging Five Older…
  • Remote Work Productivity, tips for 2021, carbon emissions Will Continued Adoption of Remote Work Technologies Cut…
  • FBI Microsoft Exchange Server FBI Removes ‘Hundreds’ Of Web Shells From Compromised…

Free downloadable guide you may like:

  • These Are THE Key Issues For CIOs in 2021

    In this new research survey from The Hackett Group, it was found that IT priorities are geared up for an aggressive and accelerated transformation agenda. The IT department is poised to become a strategic partner with their business and guide stakeholders through a year of growth. This is the year of experimentation and adaption as […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Tackling the Virtual Culture Dilemma

COVID-19 has turned much of our lives upside down. At over one year into the pandemic, many of us are still working from home, which has been the b...

These Are THE Key Issues For CIOs in 2021

In this new research survey from The Hackett Group, it was found that IT priorities are geared up for an aggressive and accelerated transformation ...

These Are The 2021 Trends in Control Rooms And Operation Centers

Join Shelley Johnson, Principal Engineer at The MITRE Corporation, Shane Vega, National Business Development Manager at AVI-SPL, and Dan Griffin, V...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Terms of Use
  • Privacy Policy
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!

© 2021 Emerald X, LLC. All rights reserved.