Operations | Commentary
3/31/2021 01:00 PM
Dan Dinnar

Advice From Security Experts: How to Approach Security in the New Normal

Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.

A year ago, work from home (WFH) emerged as the "new normal" for organizations seeking to keep their staffers safe from COVID-19. Today, companies are viewing WFH as simply, well, the norm, as 83% of IT managers are planning or have planned for a long-term transition to remote working.

In many circumstances, the arrangements have increased productivity and efficiency. But they also bring risks: Three-quarters of IT professionals are concerned that their response to security threats is less effective because employees are working remotely, and 63% have less than 90% visibility of their remote endpoints. Seven in 10 say the pandemic has negatively affected their ability to patch endpoints and enforce compliance.

Given the challenges, we recently asked a selection of top security managers and executives about their experiences. We wanted to know what's the biggest lesson they've learned after a year of WFH, and how they advise their counterparts at organizations to proceed as a result of those lessons. Here's what they told us:

Steve Zalewski, CISO, Levi Strauss & Co: "Now is the time to double down on security awareness training for your company. After a year of transition from 'work in the office' to 'work from home' to 'work from anywhere' to 'work from everywhere,' people are stressed, fatigued, struggling with work/life balance, and generally feeling overwhelmed. This has created a bonanza for attackers who use phishing and social engineering attacks. Targeted attacks are on the rise as well. So get creative with your education and testing, be persistent, and don't let your people give in to the COVID fatigue, false sense of security that home environments can create, and targeted attacks. Every click we can prevent saves us hours of incident response time chasing down compromised credentials or lost revenue."

Timothy Myers, CISO, Missouri Employers Mutual: "Don't try to figure it all out on your own. Develop a peer group and schedule regular conversations to share information on trends, projects, threats, etc. If you can afford to, use a well-established security consultant to do vulnerability and penetration assessments to see if that perspective maps well with where you think you are."  

Britney Hommertzheim, Director of Cyber Threat Operations, Cardinal Health: "Embrace the uncomfortable. Right now, many people are in a state of flux. Use this as an opportunity to provide a solution for your business that also provides a security benefit."

Gregory Matthias, CISO, TCF Bank: "It's more important than ever to work with your partners to understand risk across the organization and not just tech risk. Secondly, you need to be at the table and become an enabler of faster digital transformation."

Shinesa Cambric, Manager of Security Architecture, Vistra Corp: "This is a time to rethink cyber processes and integrations and the messaging around that. There is a huge opportunity to use the message of a 'fresh secure start.' Security managers and teams should take advantage of migrations to the cloud to reset and reinforce the image of security — that security being integrated and built into their tools and platforms is a value-add and a distinguisher, rather than using a 'fear, doom, and loss avoidance' message to get buy-in for security."

Aimee Martin, Director of Information Security, Vista Outdoor: "Determine how to cut costs in the right places but spend the money in the places that add the most value. Rethink business resiliency and protect the critical assets and data in your environment."

Judy Hatchett, CISO, Surescripts: "Be flexible, invest in tools and strategies that solve more than one problem. Invest in your people."

Nathaniel Cole, Director of Security, MSTS: "Leaders need to be acutely aware of massive disruption to everything in 2021 — the remote workforce may or may not continue — then we are looking at huge disruption in real estate and other areas. Deploy security without brick and mortar. Truly reevaluate end-user behaviors, access grants, identity access, onboarding, and offboarding. The short term will be hard, but we will all be better off in the long run as a result of the work done now."

We can't predict with absolute certainty what the state of WFH/remote work will look like a year from now. But we do know that cybersecurity professionals will seek to continue meeting the many new challenges that extraordinary circumstances bring. By closely aligning IT goals with business strategies and a flexible, agile, and value-first mindset, CISOs and their teams will more effectively prepare their organizations for current "norms" — and whichever new ones come next.

Dan Dinnar is the CEO of Source Defense and a 20+ year veteran of executive leadership, deal making, and strategy in the IT/security industry. He was most recently the co-founder and COO of Hysolate, a Team8 company. He was also the CEO of HexaTier (formerly GreenSQL), and led ...