A largely distributed workforce is here to stay in 2021 and beyond. The rapid migration to work from home last year has certainly put many organisations and end users at the risk of several threats such as data breaches and phishing attacks. Security leaders are required to be more conscious about the safety of end users, the use of unsafe data security practices, more data breaches, and phishing attacks than ever before, which has spurred the need for more proactive security measures.
Implementing a robust security awareness programme can improve employees’ knowledge of common security threats and best security practices. Building cybersecurity awareness requires a year-round focus in the following areas for example.
- Reporting phishing emails: End users should proactively report email scams either to the IT department, email provider, or another governing body. Employee inaction is one of the biggest causes of security oversight.
- Avoiding unapproved software or plug-in installation: For example, it is important to create awareness about installing any software or browser plug-ins that are not approved by the IT team is important as well.
- Strengthening device security: Introducing external devices such as personal mobile phones to the network increases the number of attack paths for security threats. Hence, employee mobile devices need to be securely connected to the corporate network with pre-installed endpoint protection.
An emerging technology that can significantly strengthen end-user and organisational security is deep learning.
Today’s multi-device multi-cloud environment requires a more robust cybersecurity strategy, such as zero-trust architectures, that can help protect customer data, intellectual property, and network controls.
An emerging technology that can significantly strengthen end-user and organisational security is deep learning as it focuses on unusual behaviour by determining deviations from legitimate or acceptable behaviour.
Today’s multi-device multi-cloud environment requires a more robust cybersecurity strategy, such as zero-trust architectures.
The neural networks of deep learning can help create smarter intrusion detection systems, IDS, and intrusion prevention systems, IPS, by scrutinising traffic with improved accuracy, hence decreasing the number of false alerts and enabling security teams to distinguish between bad and good network activities.
A highly skilled security workforce is the cornerstone of cybersecurity resilience.
Natural Language Processing, NLP, can help users identify and tackle spam and other forms of social engineering. In essence, NLP observes normal forms of communication and language patterns and employs various statistical models to discover and block spam.
A highly skilled security workforce is the cornerstone of cybersecurity resilience. As hackers become more audacious and the nature of threats rapidly evolve, the demand for cybersecurity talent has amplified as well. However, we are faced with skills shortage which means more deliberate steps involving upskilling and reskilling are required to close the skills gap.
Recommendation for CISOs
Security decision makers should focus on areas such as:
• Risk management and identification
• Cloud security
• Perimeter security which is IDS and IPS
• Cybersecurity automation
Implementing a robust security awareness programme can improve employees’ knowledge of common security threats and best security practices.