6 Ways COVID-19 has Affected the Priorities of Security LeadersIt’s no exaggeration to say COVID-19 has dramatically impacted organizations globally, with the majority of office workers shifting to remote environments. For security leaders, the scramble to enable remote workers has changed security strategies, priorities, and workflows overnight. By: Scott Leach
To understand this shift across Australia, we sought insight from security leaders at BlueScope Steel, MinterEllison, and Wesfarmers Industrial & Safety to share how their day-to-day, short-term, and long-term priorities have shifted during the global pandemic. Read the 6 key priorities and trends that are top of mind for Australia’s security leaders.
1. Recognizing increased exposure, in more ways than one.
With many projects, investments and IT rollouts now on hold, security leaders are focused on one thing: enabling their remote workforce while minimizing risk. For companies managing troves of confidential data and IP like MinterEllison Australia’s leading law firm, ensuring business operations remain secure is the single purview for Sunil Saale, Head of Cyber and Information Security. With 2,500 employees shifting to full-time remote working environments, Sunil says his team has seen an “exponential spike in email and network based threats. With our employees, partners, and clients using shared home networks, cloud-based printers, and scanners, we saw a dramatic increase to our organization’s attack surface. We have increased our vigilance and monitoring of emails, endpoints and network and are watching closely on exceptions are acceptable and what exceptions are just too risky."
Audrey Hanson, CISO at BlueScope Steel, the third largest steel manufacturer globally, agrees, adding, “The majority of our users are now working from home oftentimes using a shared Wi-Fi network. This network is shared with an array of devices that do not always have appropriate security measures in place, like smart TV’s and/or appliances, digital assistants (Alexa), children’s toys, etc. This has increased the risk exposure to our corporate data by potentially leveraging unsecured gateways for nefarious activity.” For Audrey and her team, the increase in potential exposure is top of mind. Also, in the current climate “our people are hungry for information, for their role, personal life, and safety so it’s expected to see their defences down and curiosity peaked as they navigate this period… which unfortunately, makes them easier targets for phishing activities.”
2. Keeping the human factor top of mind.
Audrey isn’t alone in thinking about her people first and how COVID-19 is affecting the mentality and engagement of staff. Sunil shared, “Working hours and expectations are adapting. With families all at home, juggling school hours, day care and day-to-day responsibilities at work, IT teams are now see a different trends on when employees logon and how long they are connected to the network as they decide the right work-life balance while working remotely."
With organizations’ financial difficulties flowing down to impact employee hours, compensation, and growth opportunities, one reality businesses are facing now more than ever is that of the insider threat. It’s a challenging time to keep employees informed, motivated, and confident in their roles and these concerns at work can be compounded by increased levels of stress outside of the work environment due to worries about the health of their families, livelihood, and uncertainty about the future.
Daminda Kumara, Head of Cybersecurity at Wesfarmers Industrial & Safety, adds, “Education and communication have never been more important. What we call ‘human firewalls’ are the common link between the majority of breaches and it’s over to us to prioritize the enablement of staff and monitoring of our network to ensure we have visibility over how our organization’s behavior is shifting.”
3. Managing your risk in the short term.
With shifts in mandated IT projects and investments overnight, security leaders need to ensure they have a clear view on where their risk lies. For Daminda Kumara, Head of Cybersecurity at Wesfarmers Industrial & Safety, “Establishing a Risk Heat Map based on known data ensures my team is prioritizing areas of the business that expose the organization to the most risk.” Today, 75% of the Wesfarmers Industrial & Safety workforce has shifted to remote with usage of installed technologies spiking up from 10% to 90% to drive collaboration across the business. With new network access capabilities and a shift in usage behavior of IT tools across the business, it is crucial for security teams to re-evaluate their short-term priorities and align on what’s critical.
“For IT staff it’s not uncommon to work from home, but for the majority of our organization, this is a first for them.” For Audrey and her team, short-term security strategy has shifted to “a tactical approach on how we address and remediate our immediate risks. We have expedited global enablement of some key services to support the behaviours of staff that aren’t accustomed to best practice when working remotely.”
4. Setting the pace for agile security operations.
With an unprecedented need to reconfigure security operations across the business, security leaders are pausing rollouts and projects in order to reshuffle priorities and adapt to new BAU operations. According to Daminda, “Organizations haven’t been required to makes changes to IT this rapidly before. Decisions need to be made quickly and this has been a steep learning curve for our organization to be resilient and responsive to rapid shifts in demand across the business. We have seen this as an opportunity to learn from; identify how we work best as a team in high pressure situations and document the processes we undertake to problem solve quickly.”
With security teams moving quickly, it’s critical to ensure speed doesn’t outweigh security. For Sunil and his team, “Having Red Cloak as our managed EDR tool across all endpoints helped us immensely during our remote shift. We were able to pivot as needed with the assurance that our front-line security measures remained strong.” For security teams across the board, now is the time to evaluate your background security measures to understand where your strengths are.
5. Preparing for a new BAU in the long term.
With security and IT teams alike enabling entire workforces to practice BAU operations remotely, Audrey predicts: “This is the start of a new normal. Employees working from home will naturally increase even after the effects of this pandemic level out. Our investments in the future will no doubt reflect this shift and will see our security measures increasing across remote capabilities.”
The good news is that remote workforces break down the barriers of common challenges security leaders face on finding the right skill sets across staff. Sunil is optimistic of the opportunities ahead where “finding the right talent might get easier as remote working is accepted more widely across the industry. This also highlights the importance to have the ability to monitor endpoints continuously anywhere anytime, our ‘cloud-first’ approach will no doubt be supercharged which benefits us in the longer term to easily adapt and be more resilient to such challenges."
6. Proving your value to the board.
Increased collaboration and support from IT and security functions has meant the wider business is understanding the value IT brings to the business’s bottom line. For Daminda and his team at Wesfarmers Industrial & Safety, there could even be an increase in investment in the years to come. “Business units are now collaborating more than ever before with IT teams, and seeing technology investments pay off,” noted Daminda. The environment IT and security teams find themselves in today is an opportunity to prove the value of how security enables business growth, innovation, and collaboration.
Hear more about how Sunil Saale and his team at MinterEllison execute security operations on the front line to stay one step ahead of threats in their environment. Watch the short video here.