The global pandemic has sent deep ripples throughout the world, and few, if any, areas have been left untouched. Cybersecurity is no exception. In the earliest days of the pandemic, cyber-criminals exploited the chaos with phishing attacks targeting newly remote employees and performing ransomware attacks on hospitals. Towards the end of the year, hackers pulled off the largest supply chain attack in history. In order to preserve business continuity enterprises have also undergone swift digital transformations. In that rush, they may have overlooked the security considerations that went into the pre-pandemic adoption process and unwittingly exposed their environments to cyber-threats.
Though vaccination campaigns roll out across the world, it is not yet the time to take our foot off the cybersecurity gas pedal.
Resilient Security Budgets in the Face of Economic Downturn
The continuing fallout of the pandemic forecasts a significant economic downturn. UK Chancellor of the Exchequer Rishi Sunak has announced that the economy is set to contract by 11.3%.
Still, cybersecurity budgets look resilient. 451 Research’s quarterly advisory report - Voice of the Enterprise: Information Security, Organizational Dynamics - shows that even those who have been most affected by the pandemic are increasing their cybersecurity budgets by 8%. Those who were less impacted are increasing those budgets by as much as 22%. Over half (53%) of organizations surveyed believe that current security staffing levels are inadequate and 15% of those organizations are adding security staff.
This points to an increased need for cybersecurity even in the wake of the pandemic and economic hardship.
Mass Remote Work
In 2020, we saw the explosion of mass remote work on an unprecedented scale––and it’s here to stay, at least in some form. Even when physical offices reopen, it’s likely that most organizations will adopt a hybrid work model. That means that organizations who have ignored the need to make changes to their IT infrastructure or used a band aid approach will need to take a hard look at the long-term impacts of users home networks, personal devices and behaviors.
Enterprises need to ensure visibility into all connections across hybrid environments in order to maintain their security posture.
Cloud Reliance
The move towards hybrid environments has been a long time coming, but few expected cloud adoption to take place this quickly. The pandemic prompted an explosion in cloud adoption as enterprises scrambled to ensure the viability of mass remote working. As they hastily moved infrastructure away from the data centre and into the cloud to keep the business up and running, security controls were not the priority.
Security has been a historical barrier to cloud adoption and moving forward, enterprises will have to rethink security considerations that may have been overlooked.
Securing the Post-Pandemic Network
When faced with uncertainty, enterprises can get more conservative and hostile to risk. Going forward security may be under increased scrutiny, but it is not time to cut back on security measures.
In 2020, Microsoft CEO Satya Nadella noted that “we have seen two years' worth of digital transformation in two months.” He’s right about that and now organizations need to secure this new digital landscape. In a hybrid environment that supports mass remote work, that means deep visibility into all the transactions and connections within the network.
Cloud visibility is a prime example. Enterprises need visibility tools to see into all of their environments and treat them as one unified network. The pandemic precipitated rushing head first into the cloud has flattened many of the barriers - such as security - which would have previously held up cloud deployments. Now that enterprises have been forced into an ever greater reliance on the cloud - they need to retroactively take those things into consideration.
They need to be able to track data wherever it resides. The fact of the cloud and the hybrid environment means that we cannot merely set up walls and stop data from flowing freely from one environment to another. Instead we need to be able to track and profile that data wherever it resides or moves, spot threats to it and unify those different environments behind the same pane of glass.
The pandemic has been a shock to the system. It has forced a variety of digital transformations upon organizations, upending much of the castle-and-moat architecture that many enterprises were used to. With that comes new considerations and potentially new threats. As the path back to normality becomes clearer, enterprises need to start securing those changes and adapting to the post-COVID digital landscape.