Attributed to Haider Pasha, Chief Security Officer, Middle East and Africa (MEA) at Palo Alto Networks.
It may sound odd to talk about the “post-COVID” era when infections and, tragically, deaths continue to mount around the world. However, I remain optimistic that the brilliance of the world’s scientists and a global commitment to finding a vaccine will eventually bear fruit.
Therefore, I strongly encourage business executives and board members to begin planning in earnest for how to conduct business when we do turn the corner. This is important, because while I am confident that we will defeat COVID-19, I am also realistic to expect that some other kind of crisis could show up in the future. And, as we quickly learned when COVID-19 emerged and rapidly spread, substantial cybersecurity risks presented themselves—and many organizations were not adequately prepared.So, let’s start planning for that next big threat in order to ensure proper defense, sufficient resilience and robust business continuity.
The philosopher George Santayana reportedly said that those who do not learn from history are condemned to repeat it. Business executives must keep that advice in mind when considering the impact of disruptive events like COVID-19 on their organizations. I believe there are four key lessons that business leaders should understand as they plot their upcoming cybersecurity strategies:
- Work no longer is the sole, or even principal, domain of the business office. One of the few silver linings from the pandemic has been an awareness and understanding of how work can and should be done from remote locations. And I’m not just talking about working from home. We are now in the era of “work from anywhere,” and we’re not going back. That means that organizations must architect business operations, especially cybersecurity, for that model. Outside of the general scale and capacity challenges, working remotely exposed many organizations’ cybersecurity vulnerabilities; it was a harsh—but necessary—lesson to learn.
- The move to cloud services is no longer a trend, but a necessity. So, having a cloud cybersecurity strategy is a must. Many businesses discovered the operational benefits of being able to provide access to applications and services via the cloud, but they also found out what happens when you move critical data to and from the cloud without the right cybersecurity framework. Cloud services are now a prerequisite for operational agility and for business continuity, but those can only be assured if cloud connections are safe, secure, compliant and aligned with data governance policies. This acceleration of the transition to the cloud is now a fact of life.
- Good cybersecurity practices and policies of the past are no guarantee of future success. Just because your cybersecurity defenses worked adequately in the past, you should not assume they will continue to stand up to new threats in the future. And if you ran into any cybersecurity challenges pre-COVID—and who didn’t?—then you can be assured they will be even more problematic going forward. You must learn to massively and reliably customize, evolve and scale your cybersecurity frameworks in an era of countless new connections, applications and services, and you had better work closer than ever with your ecosystem, including supply chain, cybersecurity partners and service providers.
- Intelligence gathering is not enough. Organizations need more ways to correlate seemingly disparate data points in order to provide the right context to security-related data. Security Operations Centers, risk management professionals, data governance experts and business leaders throughout the organization need to identify the context of data in order to use those powerful analytics tools to help you make smarter decisions on risk. You’ll also need to be smarter in using your resources—human and technology—to deal with mounting and expanding risk vectors.
Learning from lessons based on recent events is valuable, of course. But lessons are most impactful when we can actually apply them toward what’s next. We should aim for a modernized, context-aware cybersecurity strategy. Specifically:
- Work from home will not only continue, but will dramatically morph into work from anywhere. Employees, partners, suppliers and customers all will need connections to digital assets—applications, data and services—that are even more secure than today. Everyone and every device will need to be protected in any location, especially when those devices are connected to things like home networks and personal cloud services.
- Event and incident monitoring will need to become more systematic, more detailed and more intelligent. Organizations must be able to monitor not only suspicious traffic, but also monitor any device and user, and be able to put user behavior and data activity in the proper context.
- No organization will have the luxury of putting off a cloud-centric cybersecurity strategy, because even the most cloud-averse organizations will become cloud-ready, if not cloud-first. Those that have had a cloud-first strategy are now moving to a cloud-only strategy. The pandemic has taught us all about new use cases for cloud computing by necessity, and those use cases are becoming increasingly strategic to key business objectives.
- Automation must become a core principle of cybersecurity defense. The innovation and persistence of bad cyber actors has taught us that we can’t just hire enough cybersecurity experts to brute-force a solution. Automation is fast becoming a hallmark of the smartest and most visionary organizations when it comes to cybersecurity. Relatively simple activities that previously ate up a lot of security professionals’ time and budget must become automated in order to devote very smart security experts to working more closely with business professionals and applications in the form of DevSecOps.
The pandemic has taken its toll on people, organizations and economies. No one can predict when all this is over. But even if we don’t have a crystal ball, we all know the direction of digital transformation – and it’s one way only. Business leaders, with the help and guidance of their security teams and their boards, must look at new ways to secure their organizations’ most valuable digital assets and create a safe, secure digital environment starting today.