Infosec professionals have always had their work cut out for them, as the threat landscape continuously challenges existing security measures to adapt, improve and cope with the unexpected. As the coronavirus pandemic forced organizations to migrate their entire workforce to a work-from-home context, practically overnight, security professionals faced a new challenge for which half of them had not planned.
A recent Bitdefender survey reveal that 83 percent of US security and IT professionals believe the COVID-19 pandemic will change the way their business operates, mostly because their infrastructure had to adapt to accommodate remote work. Another concern for companies is that employees tend to be more relaxed about security (34 percent) and that working remotely means they will not be as vigilant in identifying and flagging suspicious activity and sticking to security protocols (34 percent).
Having managed the initial work-from-home technology transition challenges, 1 in 4 security professionals understands the significant value and deployment of endpoint risk assessment tools. As mobility shifted to 100% for all employees, organizations could no longer rely on infrastructure-embedded and perimeter defense technologies to protect endpoints. Augmenting the endpoint security stack with risk assessment and risk analytics tools became mandatory in order to give infosec professionals needed visibility and more control over remote employee devices.
In addition to deploying risk analytics, 31 percent of infosec professionals indicated they would also increase employee training, as the current threat landscape has been witness to more socially engineered threats than actual malware sophistication. Employees are more at risk of clicking the wrong link or opening a tainted attachment, potentially compromising both their devices and company infrastructure.
With a greater need for visibility of weak spots within their infrastructure, 28 percent of security professionals have also had to adjust security policies. For instance, pre-pandemic policies that took into account infrastructure hardware and security appliances became useless in a remote work context.
The New Normal
While some companies have transitioned to the new normal faster than others, businesses understand they need to provide additional cybersecurity measures for employees, and to permanently increase their capability to monitor and protect devices outside of the office. There’s never been a silver bullet for addressing cybersecurity challenges, and the current post-pandemic era is further proof that security is a living organism that needs to adapt to ensure business continuity.
Nothing new to the role of an infosecurity professional.They still need to deploy the right people, the proper process and products, and the correct procedures to achieve long-term safety and success.
About the author: Liviu Arsene is a Senior E-Threat analyst for Bitdefender, with a strong background in security and technology. Reporting on global trends and developments in computer security, he writes about malware outbreaks and security incidents while coordinating with technical and research departments.