Five ways our approach to cybersecurity could change post COVID-19
The impact of the coronavirus outbreak and cybersecurity is such that even the World Health Organization has published information on how to watch out for COVID-19-themed phishing scams.
The fact is, with our personal and work lives now digitized, cyber threats are one of the most real threats we face, and their scale has only magnified in a crisis which has us both distracted and living and working in a way that most of us aren’t used to.
Enterprise security teams have had to reevaluate quickly, but constrained budgets are making adaption to new ways of working and new solutions more difficult.
Even after lockdowns are lifted, we cannot expect things to return to normal; elements of the ‘new way of doing things’ – the strategies and approaches built under pressure – may stick around longer term, particularly if businesses continue to adopt remote or flexible working practices after social distancing restrictions lift.
With that in mind, TechHQ spoke to Amanda Finch, CEO of the not-for-profit Chartered Institute of Information Security (CIISec), for her predictions on how the cybersecurity landscape could look post-COVID-19.
# 1 | Creativity will flourish, as security teams are forced to do more with less
“Security budgets are already feeling the pinch from coronavirus, as organizations tighten their belts to get through this indeterminate period of reduced activity – even as the flood of new attacks makes security more valuable than ever,” said Finch.
“However, with a recession seemingly inevitable given the economic damage the virus has already caused, budgets will be stretched even tighter.”
As result, security teams will have little choice but to do more with less, whether that means automating key business and security processes – while still maintaining human oversight – or relying on upstream service providers who can provide the essentials more cost-effectively.
It doesn’t just come down to being more strategic with the tools available; “[…] security teams will develop creative new ways to shut down opportunities,” said Finch, which may be as simple as increased collaboration between security experts – particularly as in-person security conferences are likely to become rarer.
# 2 | Organizations should not mistake ICO inactivity now for leniency later
“As the coronavirus outbreak continues, the ICO will no doubt experience an exponential growth in its workload,” said Finch. “Adherence to GDPR, for instance, may begin to slip over time as employees continue to work from home and the lines between personal and work devices blur.”
Indeed, the speed at which organizations were forced to shift to a remote workforce may well have seen data privacy guideline compliance take a hit. Workers may well have had to access corporate data on their own devices, or will have used their own preferred systems and tools over the ‘work-approved’ standard.
While it’s “almost certain” the ICO and other regulatory bodies will not have the bandwidth to enforce privacy laws and regulations now – they will prioritize the most serious cases first – they will eventually catch up with organizations who have been complacent. Enterprises must ensure compliance isn’t forgotten about.
“[…] the last thing any business needs is a large fine and possible reputational damage after an already very challenging few months,” Finch said.
# 3 | The greatest challenges will come post-epidemic
Security teams may be in ‘survival mode’ at present in order to get their businesses and workforce through the lockdowns without a breach, but they must also keep the long-term impact in sight and plan accordingly.
“As well as the potential of a recession, and delayed ICO fines, many security projects will have been postponed or cancelled for the immediate future – meaning organisations will have to race to catch up whilst attackers have had a golden opportunity to streak ahead,” Finch explained.
“At the same time, ensuring that all data, which has been put at risk in the rush to adapt to remote working, is brought back under corporate control will be a mammoth task.”
Finch warned that those teams that anticipate service to resume as normal could be setting themselves up for greater pressure and risk of burnout. Instead, the last month or so has been a testing first step in what will be a “long-term transformation of the challenges and opportunities that security teams face.
“Using the current lockdown to prepare, instead of simply reacting to immediate needs, will be key to security teams’ ability to weather the challenges ahead,” she added.
# 4 | A golden opportunity for a new generation of security analysts
Cybersecurity specialists are notoriously (and increasingly) difficult to come by. It’s not only a demanding job, but there’s no formal career path and a lack of academic courses or qualifications – this skills gap becomes a more severe deficit as cyberthreats become more sophisticated day-by-day.
A study by (ISC)2 found that 65 percent of organizations report a shortage of cybersecurity staff, while a lack of experienced or qualified professionals is a worry for more than a third.
However, with career progression halted for many and concerns over furloughing and unemployment prevalent, many will be reassessing their current position, or looking to upskills and diversify their skillset. At the same time, the demands of working from home has forced people to become more digitally-literate and ‘cyber aware’.
This combination of situational factors could provide a “golden opportunity” for the cybersecurity industry – traditionally with a reputation for being “pale, male and stale” – to recruit outside of its usual narrow bracket, Finch explained.
“While many security employees will likely have come from STEM backgrounds, cybersecurity covers a broad spectrum and demands an array of skill sets, many of which individuals across other industries will already possess.”
# 5 | In-person site visits will become rarer and more intensive
Cybersecurity analysts themselves were not immune from the shift to remote working and the subsequent reappraisal of whether they need a physical ‘on-site’ presence to do their job effectively.
While some penetration testing is only possible in person, for example, anything that can be simulated online will be.
“As it becomes clear which activity can be completed just as easily without the complication, expense and, at present, risk of an in-person visit, site visits will be much harder to justify even after Coronavirus is consigned to the history books,” said Finch.
“Instead, while rarer, any on-site visit will be much more intensive; with analysts expected to complete in one visit what might have been previously done over a number of months.”