Intelligent CIO Europe Issue 32 | Page 37

Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + BHARAT MISTRY, PRINCIPLE SECURITY STRATEGIST AT TREND MICRO EDITOR’S QUESTION COVID-19 has already forced major changes on organisations around the world. CISOs have most likely been spending most of their time in recent weeks trying to close any security gaps in new remote working processes. The situation is still uncertain which can make strategic planning a challenge. But the good news is that with the right technologies and policies to hand, there’s no reason why distributed workforces should drive significant new cyberrisk for these organisations. So, what does best practice security look like in a new era of remote working? It must include endpoint monitoring or patch and asset management tools, to generate visibility into all home working machines and keep them updated and secure. If users aren’t on corporate laptops, they should have endpoint security vetted and enhanced if necessary. A whitelist of approved, enterprise-grade video conferencing/collaboration platforms will further reduce cyber-risk. We often talk about employees remote working under lockdown, but let’s not forget that most IT staff have to as well. That’s why CISOs may want to migrate to virtual Security Operation Centre (SOC) set-ups. In fact, this could be a new opportunity to create a truly 24/7 operation that breaks free of the usual 9–5 constraints, by using staff working across the globe. The only caveat is trust. In the longer term, staff security training and awareness-raising is essential. Real-world simulation exercises should be run during lockdown for all remote working staff, using some of the latest COVID-themed phishing lures spotted in the wild. Once staff are finally allowed to return to their offices in greater numbers, a new wave of training must begin. Threat levels remain elevated as cybercriminals target distracted employees and IT staff, and remote access infrastructure. That could force CISOs to take a fresh look at security solutions that offer greater automation and advanced capabilities like Machine Learning, cross-domain correlation and data analytics. It’s about catching threats faster, more effectively and potentially with fewer IT security staff available to manage controls. CISOs must drive home the message whenever they get the chance – that information security is a business-wide responsibility and not just in the IT department’s sphere of influence. That means security budget should be considered outside the normal IT budget. Depending on organisational culture, this may be a difficult sell. But the events of recent weeks present an opportunity to articulate how important technology is to ongoing business operations – and how, if mismanaged, security issues can have a huge impact on business risk. • “ CISOS MUST DRIVE HOME THE MESSAGE WHENEVER THEY GET THE CHANCE – THAT INFORMATION SECURITY IS A BUSINESS-WIDE RESPONSIBILITY AND NOT JUST IN THE IT DEPARTMENT’S SPHERE OF INFLUENCE. THAT MEANS SECURITY BUDGET SHOULD BE CONSIDERED OUTSIDE THE NORMAL IT BUDGET. www.intelligentcio.com INTELLIGENTCIO 37