The pandemic meant that entire workforces had to find new ways to work from home and this challenged businesses across the globe. From a cybersecurity perspective, organisations have been required to scale up their security response to ensure people working outside offices are better protected.
Personnel have often made themselves an easy target for hackers due to using unprotected Wi-Fi environments, and organisations have had to rethink their security practices and implement new security controls outside the workplace. One of the weakest security links in the IT chain are people themselves. Many have not participated in any type of security awareness or education and are regularly victims of phishing attacks, fake websites, and social engineering as a result.
Organisations must have the right security controls in place, particularly for the endpoint devices.
To help end-users more effectively protect themselves from current day threats, du offers two solutions, Secure Remote Access and Digital Workplace. Both of these protect employee’s endpoints, such as mobile phones, laptops, or any other type of device accessing the corporate network. At the same time, these offerings enable people to work from home without impacting their productivity.
Organisations need to consider the right governance model in their security operations.
There are several security best practices that should be considered as end-users adjust to hybrid workforce and disruptions, accelerated transformation and post pandemic recovery. Firstly, organisations must have the right security controls in place, particularly for the endpoint devices. Companies need to have adequate security processes to ensure the right security controls are followed for company procedures, such as improved security set up when onboarding new employees.
Secondly, organisations need to consider the right governance model in their security operations, so they can better detect threats and respond accordingly. Ultimately, outsourcing an organisation’s security management to a Security Operations Centre is the best way to detect threats early because they protect environments both internally and at the edge 24 hours per day, seven days a week.
Thirdly, organisations are obligated to provide their employees with adequate education, which will enable them to identify security threats such as phishing emails and reduce exposure.
du supports organisations with various security consulting services that help them to understand their security posture, identify gaps, and provide solutions to strengthen overall cyber resiliency. These revolve around improving security controls, better-protecting endpoints, and ensuring they benefit from a complete security operations management service through Security Operations Centre. This is operational 24 hours per day, seven days per week, and enables fast detection and response to breaches and minimises impacts on organisations.
Organisations are obligated to provide their employees with adequate education.
Security orchestration and automation will be vital for leveraging artificial intelligence and machine learning capabilities, reducing the reliance on people, and eliminating human error. These technologies will be complemented by AI-based security platforms that will produce real-time data to predict attacks and ultimately prevent them.
Recommendation for CISOs
• In today’s digital world, many organisations are migrating to the cloud, where workloads are being distributed across a mix of private and public clouds.
• Building new security skills that will ensure better protection in cloud-native environments is key.
• In addition, today’s security lens focuses more on protecting the identity rather than the hardware assets, so increasing skills around identity management and protection will also be paramount.
One of the weakest security links in the IT chain are people themselves and many have not participated in any type of security awareness or education.