Pandemic response: Why IT leaders must get ahead of the security challenge

The pandemic has forced all organisations onto the back foot, but the IT department has been most severely hit in terms of helping businesses function in a changed world.

For systems and data security, that's not a situation that decision-makers want to be in this century: reacting, fixing and making do like a back-end systems support engineer in the 1990s. They need to get ahead of the problem.

The challenge to date is that the crisis has been a field day for organised cyber-criminals, opportunistic hackers, and hostile states, with increased phishing and ransomeware incidents, fraud, misinformation, social engineering, and corporate espionage.

Some attacks have played on people's fears and uncertainties of the virus itself, and others on organisations' desperate need to keep operating. Either way, cybercriminals are becoming increasingly professional and adept at extracting the maximum value from every systems and data breach.

So leaders should collaborate in a similar way - both internally and externally - to counter the threat.

The security challenge is intensified by the perimeter of the organisation being pushed wider into employees' homes, turning insecure family wifi systems into corporate network nodes. It is wise to assume that insecure smart devices, unruly teenagers, and other unpredictable problems may come into play, so authentication at both device and user level is essential.

The cloud is at the centre of this picture. Many organisations were already at different stages of their journey towards becoming cloud-centric or hybrid organisations for infrastructure, platforms, and/or on-demand applications. Yet the overnight transition to home working at scale has seen an acceleration of cloud-based trends that few managers had conceived of, let alone planned for.

A recent Computing survey of 150 IT leaders found that two-thirds of respondents had accelerated their cloud adoption plans to cope with the crisis, while 84 percent had experienced increased home working. The figures come as no surprise, but represent a severe risk of compromised systems and data.

The importance of the cloud cannot be overstated: cloud apps have enabled work to continue in the pandemic, alongside increased mobility. One advantage for IT teams is that collaborative apps can be managed from anywhere, and there has been a massive switch away from on-premise and even hybrid systems as a result.

Of course, IT teams need to collaborate effectively too. Organising the response to a security incident can be difficult with remote workers - and can be made harder by the growth of shadow IT and unsanctioned apps.

These are part of the need for the security response to get ahead of the problem. In the early days of the crisis, some organisations had no option but to grab the first collaborative app that looked feasible, following the path of least resistance and popular uptake.

IT leaders now have to decide which tools are right for the enterprise in the long term, and if they integrate securely and effectively with other systems.

Some IT leaders may find themselves unwilling members of a multi-cloud world, which means forging a security response to match. After all, the dispersed nature of most organisations has opened new avenues for cybercriminals to exploit - and they are certainly doing so.

The big picture for IT and security teams is this: one year on from the pandemic hitting the planet, the time is right to plan for the future, because it is clear that many aspects of this more remote, socially distanced world are here to stay.

For example, office-based organisations will find it hard to justify the costs of maintaining large premises now that they have found they can function without them. Prestige is increasingly found in predictable, robust service levels, rather than in bricks and mortar.

Even in the wake of lockdown, more than 40 percent of staff were still regularly working from home at around three-quarters of firms, as were 80 percent of the workforce at a quarter of companies. Since then, further lockdowns have ensued and the future is at best uncertain. It is wise to assume that remote working will remain the norm for many.

So IT and data managers can no longer patch, fix, and make do; they need to plan ahead for the post-pandemic world, in order to pre-empt and manage emerging security threats. Because one thing is certain: cyber-criminals have already done so.

This also demands a change in culture: old models of ‘presenteeism' or micro-management are unsuited to remote-working, so organisations should resist surveilling and monitoring staff in their own homes.

An output-focused model that shows trust in employees is the only appropriate solution - one that respects two facts:

• Employees still work for, and have duties to, the organisation as before.

• But they are doing so in the context of their private spaces and lives, in many cases juggling space, relationship, family, and child-care pressures.

Just as the perimeter of the organisation has widened, so must the daily remit and workflow of many employees' jobs. Managers need to accept that the old model of ‘9 to 5, sitting at a desk in HQ' needs to become more flexible on both sides.

Security needs to be at the heart of that flatter, more flexible, collaborative, demand-led, and service-based world.

Technical solutions have a core role to play, but the social, organisational and human factors are just as important. Organisations must now look beyond their traditional perimeters and work together - just as criminals are doing - to stay safe and secure.

In a networked, remote world of extended enterprises and partnerships, we owe it to each other to stay secure.

The computing research report, "Post-pandemic security planning: pre-empting and preventing emerging security threats" sponsored by Carbon Black can be read here.