Cybersecurity Mastermind Series — 4/9/20 — COVID-19
Last week, CloudVector hosted its first Cybersecurity Mastermind series, focused on the impact of COVID-19. More than a dozen CISOs, representing five different industries responsible for thousands upon thousands of employees moving to remote working joined together to discuss how they were responding to this pandemic with digital transformation, cloud migration, and remote work initiatives. This closed-door session was such a success that we’re planning to host a public event soon — look for more details at the end of this post.
As for the discussion, it should come as no surprise that the major trend was work from home. How can you securely enable productivity? How can you remain compliant? There is a need to move lightning fast to adapt to this new environment, but it cannot be done without security and compliance considerations.
Not only are these CISOs having to support their own company, but they are also having to support 1,000s of clients that are just as busy. Changes are happening multiple times a day, and those changes must be communicated. It has been hard for teams to connect and remain engaged, but video helps.
But collaboration tools, such as video conferencing, have their own issues — take all of the recent news with Zoom. Organizations that rely on VPNs have started split-tunneling Zoom (and other heavy bandwidth services) while continuing to protect corporate traffic through VPNs. Of course, this has resulted in more bandwidth consumption.
Change control is more difficult on the edge, but organizations that have already been adopting a cloud-first, zero trust model found it easy to flip the switch from one-third of their workforce working remotely, to more than 80% now. Other organizations with previous work from home experience have already ironed out many of their challenges but didn’t anticipate some use cases, such as developers that need access to devices for quality assurance and testing.
SecOps are working double time, as they are overwhelmed with the new reality of end-users connecting from malware-infested home machines. One interesting practice has been to run all privileged access through dark web monitoring. It turns out that some of these accounts are now finding hit rates on the dark web, which requires rolling new credentials. Likewise, when everyone does return to work there is an expectation that all credentials will be refreshed and replaced.
A common challenge has been with outsourced IT service providers, such as call centers. Which have also required approved exceptions for compliance SLAs. Other organizations view endpoints as the first line of defense, and have re-imaged 100s of desktops as multi-purpose machines, or scaled up their VDI infrastructure.
Of course, the big question is what comes next?
For organizations with a global presence, each region must be considered individually. Some will be returning to work sooner than others. We can also take cues from how earlier impacted regions, such as Macau, China are returning to normal: workers are having their temperatures taken every day, even using thermal cameras, they are still wearing masks, and deploying more physical barriers. Some organizations are thinking about the gradual return to work, as the UK has now suggested that workers younger than 30 may return to work sooner due to their lower risk profile.
For organizations that are thinking about how this experience can shape their digital transformation initiatives, SaaS applications such as Office 365 are being accelerated as well as application modernization projects to deliver an end-user experience similar to SaaS apps and reduce costs of provisioning and management. Zoom and other cloud collaboration services were also popular. The most important aspect seems to be in approach: adopting an “any time, anywhere” mentality, without negatively impacting operations and production. The zero-trust architecture can help here, with MFA, IAM, and SASE.
Let’s keep this conversation going. What issues has your organization been struggling with? What has been working well? Have you deployed any unique solutions to help?
We are continuing the discussion on April 29. Join us for a panel discussion with Teza Mukavilli, CISO, TheRealReal, and Dan Thormodsgaard, CTO, Fishtech Group, [URL – Getting Real with the CISO of The RealReal: Re-Prioritizing Budgets in a Post-Pandemic World]