Creating an emergency ready cybersecurity program
By Michael Reyes
A large part of the world’s workforce has transitioned to working remotely, but as plans are being drawn up to reopen economies, the security industry is being challenged to develop stronger screening practices, emergency operations planning, and to deploy tools to detect and minimize the impact that future pandemics, natural disasters and cyberattacks can have on a company.
Things like global security operation centers (SOCs), managed security services, thermal imaging and temperature screening for on-site visitors and employees and enhanced employee tracking capabilities are new areas of increased focus. As security professionals are forced to reassess how the systems they monitor are working in this new environment, companies and organizations must still deal with day-to-day operations that are now more likely to occur on unsecured wireless networks. From data loss prevention and email spam protection to denial of service and data breach or leakage, there’s a large number of challenges to address as more and more workers work from home. So, what should businesses focus on to ensure security and safety?
The greatest vulnerabilities
One major cybersecurity shortcoming of companies is just how much of their network is accessible, both within an office and externally. As technology has advanced, the need for a secure network infrastructure is of the utmost importance to protect all company assets. That need is even more acute now, with many workers currently working from home on personal devices and unsecure wireless networks.
With the likely shift towards a more remote workforce in the coming years, across industries, wireless networks will need to be designed and revamped with security in mind. Beyond the COVID-19 impact, IT teams still face non-standard deployments of technology in regard to security devices, as well as “bring your own device” options that are currently being used in every aspect of the IT world. IT groups also currently deal with a great deal of infrastructure that is aging without a replacement and/or a life-cycle management plan.
Additionally, “flat networks”, which were originally designed just to make sure everything could communicate, are still common. These networks were designed with very little regard for the security of edge devices and all other endpoints. Many enterprise customers are now retrofitting these networks to meet current cybersecurity requirements and recommendations. It is clear that security issues extend beyond our current, unforeseen circumstances and must still be dealt with promptly.
A strong incident response program
The success of security policies and systems depends on their proper implementation and a continuous improvement process to sustain the security program on a day-to-day basis. The program must meet business needs and appropriately mitigate security risks. By implementing an effective incident response program, a company will be able to use information generated from things like access control and video systems and ensure that a company’s security events are “real” and not falsely positives due to technological problems. Any strong IR program should be quick and accurate and with workers spread out around the globe.
Technology plays a growing role in almost all security programs but cannot be the ultimate factor when it comes to deciding which incidents require a response. As information becomes more integrated and easier to reach, successful IR programs ensure that the information delivered is accurate, relevant and actionable to security personnel. Technology may be providing the information avalanche, but it can also be used to effectively cull through the information and make sure the human operators only see what they are supposed to see.
The automation of security
How much of the world’s security can really be automated? Many simple tasks with access control and video systems are becoming more and more automated by the day. For example, video analytics are becoming more common on even the most basic security cameras and are less dependent on high-end servers than in the past. Today, identification of people and vehicles can be accomplished through automation, rather than through human interaction. With remote workers, this is crucial. Many companies are now facing unexpected financial pressures and security budgets are being tightened. As such, automated processes for sending alerts and warnings have also taken on a larger role.
It is now expected, at the enterprise level, that every system should be able to auto-generate reports. Future deployment of all security-related technologies will further shrink the possibility of human error and the risk associated with those events, while providing a greater view for all stakeholders. It goes without saying that we are in uncharted territory. As security experts work to shift security systems to accommodate the new reality we are living in, companies must find new ways to ensure the safety of their employees and their work – not just from COVID-19, but from additional challenges that come along with it.
As businesses across the world start to reopen, executives should be thinking about their cybersecurity protocols, and the best ways to utilize technology to their advantage. The most successful businesses will have strong, uniform IT standards and will be able to conduct their security work from any location, with a quick response.