Whether or not the U.S.A. approaches the end of the COVID-19 pandemic, enterprises seem poised to return to business-as-normal as soon as possible. But what does a post-pandemic business world look like? Moreover, what does a post-pandemic cybersecurity landscape look like?
We spoke with experts from Exabeam, Tempered, and WhiteHat Security for their takes on the approaching future. Here are their comments on post-pandemic InfoSec, edited slightly for readability.
Tech Industry Leaders On the Post-Pandemic Business Landscape
Richard Cassidy is Senior Director of Security Strategy of Exabeam.
“The rapid shift in workplace practices the current pandemic has precipitated has been a steep learning curve for most security organizations. With whole companies now working remotely – often for the first time—the shift to meeting and collaborating online in a cloud-based work environment has been drastic.
How can security leaders demonstrate to the board that they’ve adapted security operations to help mitigate the new wave of risks that lockdown and remote working has brought? How can security practitioners demonstrate that they’re casting the net to better detect, investigate, and remediate against a new wave of threat vectors as a result of the business now operating in an entirely distributed model?
And many security teams have taken a hit due to furloughs and layoffs. For some organizations, it will be a fine balance between security and survival, and while this is unavoidable, it is also unmanageable. The technical skills gap in cybersecurity is well reported, and many security teams were running lean before the pandemic. The impact of this cannot be overstated. When you add in the fact that many organizations will have deferred planned critical technology updates, the impact on security, in the long run, will be significant.
As we begin to move through the pandemic and the most severe restrictions are lifted, organizations should prioritize reinvesting in their security teams. The ‘new normal’ we are beginning to craft will need a far greater focus on security and the already limited supply of security professionals tasked with ensuring this will need our full and comprehensive support—from ensuring they have the right tools, to approaching productivity, mental health, and collaboration in a more sophisticated way.
For years now, we have lived in an age of alert overload, with security, risk, compliance, and response teams overwhelmed by the data points they receive. All too often in the news, we see the result of critical alerts and events slipping through the defensive net. As we plan for a new normal, we need to consider how we can better support our security teams and automate as much of the more time-intensive and mundane tasks as possible. This will help security professionals better protect their organizations and will help more junior analysts do more to support their team. But we also need to rethink security operations center (SOC) practices—the attack surface is far greater now, and IoT security is a bigger risk vector than ever before. Organizations need to cast their net of inspection far wider now. The home office is the new corporate cubicle, and security teams will need to detect anomalies from home networks, users, and devices—sources that are far easier to compromise because they inherently lack security capabilities.
Key to this is a foundation of behavioral analytics that can help detect attacks and automate incident response. This frees up security teams enormously by using existing datasets to detect anomalies across the entire estate and monitor critical assets to find early signs of suspicious activity. When presented with the most critical information and with all of the necessary context, security teams can better respond, mitigate, and remediate the many threats they are faced with. And to ensure flexibility that will work both in the office and remotely, companies should help their security teams transition their security controls to the cloud.
Continuing to apply legacy approaches in a new normal will not work—it wasn’t working before. Organizations should look at this period of great change as a catalyst for innovating, evolving and enhancing their approach to security.”
Jeff Hussey is CEO of Tempered.
“The massive shift to working from home triggered by the COVID-19 pandemic exposed an inherent flaw in current network security architecture and the need for a new approach.
Many organizations discovered that their VPN solutions weren’t designed to have their entire workforce using them simultaneously. The massive shift to WFH, coupled with a corresponding increase in cyberattacks, further exposed an already fragile network infrastructure.
Looking forward, all organizations should re-evaluate what technologies they need to secure their networks, whether teams are in the office or remote, and how to maintain the flexibility required to ensure business continuity. The goal should be a solution that is both secure by design and manageable at scale.
The most effective approach to secure networks today is to create a Zero Trust (ZTNA) Software-Defined Perimeter (SDP) that makes the network invisible to hackers across cloud, multi-cloud, virtual, physical, hybrid, and edge environments. This same approach provides secure global connectivity and mobility for your entire workforce without requiring you to rip out and replace your existing network infrastructure.
Other important considerations include time to deploy, ability to scale, and ease of use.
All organizations have a choice to make when confronted with massive disruption. We believe in the power of innovation and invite you to try a new approach to network security – make your network invisible to hackers while securely accessible to your workforce from any location on the planet.”
Anthony Bettini is CTO of WhiteHat Security.
“The ongoing COVID-19 crisis has proven that applications are the driving force of the world economy. With a massive shift from brick-and-mortar locations to online operations across all industries during lockdowns, we believe that companies will continue to encourage the use of their online platforms to stabilize revenue streams, even as states and countries begin to reopen. During this transition, as digital transactions become the norm, it is absolutely critical for businesses to safeguard their applications.
Organizations will need to do the following to protect themselves and their customers in the post-pandemic, digital future:
- Employ continuous security risk assessments to maintain uptime. The sheer volume of demand on web and mobile applications stemming from the pandemic is expected to continue long after the pandemic is behind us. Continuous scanning allows businesses to check for vulnerabilities automatically as demands on applications evolve, even while in production. This can save time and costs while ensuring the business does not suffer downtime.
- Guard against vulnerabilities. Web applications are an easy target for hackers, who can exploit them and gain access to back-end systems and databases. However, when security is a key consideration in software quality and woven throughout the applications during the development process, the digital assets are protected from hackers.
In a post-COVID-19 world, maintaining the security and integrity of applications will help both digital-first businesses — and those whose reliance on their online presence skyrocketed in the virus’s wake — keep their digital doors open.”
How to Learn More About Post-Pandemic Cybersecurity
Check out the SIEM Buyer’s Guide. We provide details on the top providers and their key capabilities.