Roadmap for CISOs - Security lessons from 2020 and preparing for the year ahead

CIOL Bureau

With the outbreak of the COVID-19 pandemic earlier this year, businesses around the world had to reshape their cyber security framework at a moment’s notice. The various restrictions on public gatherings and the closure of office spaces resulted in employees working remotely from the confines of their homes. This meant logging into corporate networks while operating under the subpar security offered by personal devices. With security levels somewhat compromised due to the work-from-home transformation, cybercriminals are taking full advantage of the coronavirus post-pandemic disruption. The CISOs (Chief Information Security Officers) of various big-ticket organizations have outlined the rising trajectory of COVID-19 themed cyberattacks since the advent of the unprecedented pandemic.


As the work-from-home setting mostly offers inadequate security measures, cybercriminals have jumped on the opportunity to implement various attacks. Encouraged by the inherent vulnerabilities and intermittent security that are typical of Remote Desktop Protocol connections, VPN servers, and personal devices, hi-tech and ultra-resourceful hackers are directing a horde of spear-phishing, malware, and ransomware attacks. These attacks often target unwary workers who inadvertently fall prey to these threat verticals that are circulated across the internet in the garb of COVID-19 themed mails. In a nutshell, the pandemic has unwittingly catalyzed an upsurge of cyberattacks that are rapidly finding their way into the heart of corporate databases after breaching the defenses of compromised devices.

With the black swan year coming to a close and 2021 just around the bend, CISOs have their hands full with the challenges to cybersecurity that lie at hand. The events of 2020 have made it particularly clear to organizational heads that there is an urgent need for companies to step up their defense budgets and draw in the necessary cybersecurity talent to deal with the ever-burgeoning threat matrix. With assets and databases worth billions at stake, CISOs must shake the advances of various threat actors that are out to jeopardize and disrupt an organization’s state of play.

The foremost step on which all top-level company executives lay emphatic stress is the total relocation of all company databases and data assets to high-level private cloud servers. While remote working may pose the drawback of home-bound firewalls and underwhelming cybersecurity, it also has its upside. Now CISOs can onboard promising security professionals from all over the country as they are no longer limited to recruiting from one particular space. The emergence of hybridized remote working spells good news for company executives as they can keenly extract the best resources from any part of the country, provided the talent can adapt to working in remote conditions and thrive in a post-pandemic setup.


The road ahead for effective cybersecurity resilience will demand that security professionals are well versed in tech abilities such as cloud security skills. As companies realize that the coming time will see a continuation of virtual teams working remotely, there will also be an equal emphasis on robust and privileged access management solutions that can help remote working employees efficiently curtail the expansive threat landscape while adding optimum productive value. For security leaders of various organizations, the utmost priority should be the continuous development of less-experienced security professionals through live simulation training and real-time experiential modules that can help them grow accustomed to working in a hands-on dynamic corporate environment. As adroit candidates are far and wide, CISOs must focus on nurturing the existing talent and bring them at par with the expected levels of cybersecurity expertise. It is imperative for companies to identify and hire those individuals that not only have the necessary talent but also exhibit ample initiative and desire for personal and organizational growth in the new normal.

The transformed working environment where remote operations are replacing office-based functions will witness a higher demand for operatives who are proficient in an array of tech skills and soft skills. Only a balance of these two skill-sets that lie on opposing sides of the spectrum can ensure that companies sail smoothly in the sea of cyberthreats. It is essential for security leaders to think like the criminal masterminds to deduce their attack trajectories and ensure preemptive action at the earliest. It involves being a step ahead of the threat matrix through in-depth strategy and arriving at realistic conjectures beforehand. To that end, CISOs are placing maximum importance on hiring DevSecOps professionals.

These security experts are well-acquainted with agile, ultra-dense security practices that are integrated within the DevOps process. By advancing a paradigm-shifting ‘security as code’ neo-culture with constant interaction and adaptive associations between security teams and release engineers, companies can efficiently scale the topmost heights of cybersecurity summits with unblinking attention to the vast surfeit of threat actors that always lurk within an arm’s distance.


Professionals who hold expertise in Identity and access management as well as those who are rich in incident response capacities and specialize in IaaS, SaaS, and other cloud-based services. The year 2021 will also observe the rise of heavily encrypted zero trust security practices. The ‘zero trust’ concept asserts that organizations should not directly trust any person or entity whether placed outside or inside its security perimeters. It is founded on the principle of providing secure user access to avert data loss irrespective of the user’s physical or virtual location. By implementing the zero-trust security architecture, CISOs can help oversee the shift from a conventional perimeter-based security model to a modern access state of the art security module.

CISOs must work in close collaboration with the C-suite to foster enhanced and integrated ecosystems that maximize cybersecurity operations, especially under remote working conditions. The top-level security architects of any company must also be equally cautious of alarm fatigue or alert fatigue sneaking into the employee consciousness. The probability of such an event increases manifold, especially when an organization’s defensive stack is exposed to a large number of attacks or threats. The rising frequency of these alerts results in employees inevitably becoming desensitized to the overarching threat landscape. This can further lead to delayed response time or, even worse, momentary lapses in retaliatory action.

Author: Rakesh Kharwal, MD-India, Cyberbit

Lastly, it is equally essential for top-level security executives to constantly train their employees in the highest security benchmarks via real-world cutting-edge simulation programs and experience-driven training modules that provide a first-hand insight into the corporate threat landscape. By optimizing advanced cyber range training and simulated platforms, companies can effectively replicate the various threat matrixes and respond to actual attacks and threat verticals using customized solutions for different ‘situations’. These state-of-the-art cyber warfare training and software development practices can ensure that an organization’s ethical hacker or a security expert can evade and neutralize all kinds of cyberattacks every day with unparalleled efficacy.

The road ahead for security leaders and organizations requires a consummate blend of various hardboiled tech skills and interpersonal soft skills for effective management. While incident response skills hold the highest imperative under the evolving post-pandemic threat landscape, CISOs will also be on the lookout for contract management and human resource personnel that can ensure that security professionals have access to the highest standards of cybersecurity training, ultra-advanced infrastructure, and a stress-free and conducive working environment to warrant best practices. Cybersecurity warriors must evolve consistently in due accordance with the evolving threat landscape.