COVID-19 has accelerated years of digital transformation into just a few months, weeks, and even days. Accenture recently moved 1.2 million NHS workers to Microsoft Teams in less than a week. And we are not alone – Satya Nadella recently said that Microsoft had seen two years’ worth of digital transformation in 2 months.
This monumental shift to remote working, changing business priorities and the reconfiguration of supply chains has created new attack vectors and security vulnerabilities. But it has also led to new opportunities to deliver much needed change to the security space.
With breaches on the rise, the board’s daily conversations about operations and profits now include business survival, safety and security. Business leaders increasingly understand that they must focus on cyber resilience. And with good reason – organisations focused on investing in resilience resolve 96% of breaches in under 15 days, whereas the average UK organisation resolves only 53% in this time.
With their unique perspective across the business, security teams are now increasingly asked to contribute to the strategic direction of the business. So, what can security leaders do to make the most of this opportunity to create a long-term cybersecurity strategy that builds resilience into business as usual?
Treat your employees as your first line of defence
Right now, the most pressing issue is still threat actors taking advantage of susceptible newly remote workers. Home networks are 3.5x more likely than corporate networks to have at least one family of malware. Malicious threat actors are offering lures and traps that imitate credible sources, so the end users need to be informed on what to be cautious of. Employees are, after all, the first line of defence for a company’s security.
In the past, educating users about threat actors has often been patchy, with blanket training for all and a lack of focus on the areas most at risk. Teams should instead now look at rolling out tailored, interactive training. This is something Accenture has focused on, enrolling over 350,000 people in a Security Academy which teaches cybersecurity basics through simulations and game-like scenarios. As a result, there have been 66% fewer failures on social engineering tests. These programmes can also measure individual human vulnerability. With more analytics available, organisations can assess areas that need additional support.
Know your new boundaries
Organisations used to resemble the Tower of London, with a clearly defined perimeter and entry and exit points, as well as a map of where the crown jewels are stored. Now, we find that companies are more akin to the London Underground – so vast that it is increasingly challenging to protect all boundaries.
Threat actors are constantly searching for the weakest link – our State of Cyber Resilience research shows that 40% of security breaches are now indirect attacks through the supply chain or business ecosystem. Despite this, 60% of organisations are not fully monitoring third parties for ongoing risks. Measures that can help predict where threats will come from are an important tool in staying one step ahead. Threat intelligence is a growing capability that many organisations are developing on this front to spot both threat actors and threat vectors. This can be combined with penetration testing and red teaming, for example, to identify areas for improvement.
What’s more, with security teams stretched further than ever, leaders should also consider managed services and automate where it makes sense. Security event response, tool deployment and rule management can all benefit from limited human intervention. This will allow teams to make the most of their skills and prioritise a proactive approach.
Join the accelerated journey to cloud
Enterprises have been migrating to the cloud for some time now, but the sudden move to mass remote working has reiterated the fact that it is here to stay at scale. Security’s focus must shift from an enterprise infrastructure to a virtual and cloud-based set-up. For now, this means securing virtual desktops and managed personal devices, as well as introducing policy-based access to reduce the risk of compromised access.
But in the long-term, teams should implement a zero-trust framework to protect remote access. Using strong authentication that includes multifactor authentication, adaptive authentication, fraud prevention, identity proofing, behavioural analytics and biometrics, as well as device telemetry, will create the backbone for secure access going forward. Meanwhile, new cloud-based solutions will help meet increased demand for fast, frictionless, and secure remote access to data and applications.
Are your shoelaces tied?
Threat actors find and exploit any weakness. With the world just starting to emerge from lockdown, a security breach closing parts of the supply chain, for example, could be catastrophic for a business. But only focusing on the short-term may see security leaders fall on their face at the next step. Businesses are undertaking vastly accelerated digital transformations, and at the same time have also found a new sense of agility. Security leaders must look beyond the survival mentality and seize this opportunity to take steps that build lasting resilience into their organisation for good.