5 CISO Priorities During the COVID-19 Response

by Christian Wiens on May 7, 2020

Imagine serving as a CISO for a prominent enterprise and being thrown into a situation where overnight 80 to 100 percent of your workforce moves inside and begins working remotely. The logistics challenges alone are almost too daunting to imagine.

Meanwhile, your organization, like hundreds of others, has become a favored target for hackers, who have been lying in wait for a significant disruption like this.

To make matters worse, you have no idea when things will return to normal, or if “normal” will mean something new a few months from now. You may need to develop more permanent remote systems security solutions.

These scenarios are not imaginary, but playing out right now in the wake of the COVID-19 pandemic response. CISOs and security leaders all over the world are confronting how they will deal with foundational issues:

· Prioritization shifts. Which assets are more vulnerable now than they were at the beginning of 2020?

Sponsorships Available

· Day-to-day operations. How does a remote workforce change routine security tasks? How do InfoSec tasks get assigned and tracked among the team members? How will security updates be distributed and verified efficiently?

· Overall security posture. Do you need to take on a more hawkish approach to security threats across the board? Can you shift resources away from on-prem and apply them to the new remote environment without sacrificing overall security?

CISOs must not only confront these questions, but they also have to do it quickly.

Bad Actors Are Already on the Attack

Hackers are attacking from every angle imaginable. New research from Atlas VPN revealed that Google experienced a 350 percent increase in phishing websites amid the Coronavirus pandemic during the first quarter of 2020.

Europol reported that hackers are shifting attacks to remote workers, adapting their attack methods to target remote workers and the healthcare sector. One example the research firm pointed to is a cyberattack on Brno University Hospital in the Czech Republic, which shut down the entire IT network and forced the hospital to postpone urgent surgeries and reroute acute patients to other facilities.

Cyber fraud, in general, has increased, too, as hackers target the fear and anxiety many people are feeling these days. Several national agencies have released related warnings, including the FBI, the Department of Justice, and the Department of Health and Human Services Office of the Inspector General.

In this article, we’ll discuss five CISO priorities to focus during the COVID-19 response.

1. Secure remote users.

Pressure from corporate executives to get remote work capabilities up and running as quickly as possible is keeping CISOs more than a little busy. The approach has been on setting up the systems now and worrying about security later.

It’s an uphill battle to deal with these kinds of “bolt-on” security cycles during typical business routines, but the virus has added newfound urgency and complications. CISOs will need to find a way to preserve as much systems security as possible while conducting:

· On-the-fly risk assessments

· Controls adjustments

· Coordination with IT and network ops teams

2. Identify risk as quickly as possible.

Prioritization is vital. Organizations will need to quickly identify which assets are most vulnerable and most valuable to would-be attackers. For example, organizations with remote workers logging into VPNs to access on-prem infrastructure, the VPNs themselves, and other remote access gateways are both valuable and vulnerable.

3. Work nimbly.

Finding and patching holes as quickly as possible will be a must. In some cases, this kind of “whack-a-mole” approach may take up a good part of the workday. CISOs will also need to identify and implement new tools that keep the organization’s workflow intact as much as possible. New hybrid work environments may require from-scratch development and deployment at lightning speed to keep up with a vastly shifting workflow.

4. Stay vigilant and educate against new phishing techniques.

Bad actors who use phishing techniques love largescale current events because they can leverage the circumstances of the day to lure victims. CISOs will need to devote some time to educating a displaced workforce on the present dangers of phishing through email and other communications, including video conferencing tools like Zoom.

5. Lean on AI.

CISOs can’t do it all, all alone. That’s where AI-powered tools come into play. For example, MixMode’s third-wave AI solution creates a responsive, evolving baseline of your network that continually adapts to network changes. This is an especially appealing benefit now that network changes are nearly continuous during the COVID-19 response when a human workforce can’t keep up.

MixMode Is Uniquely Positioned to Address Today’s Cybersecurity Landscape

There’s never been a better time to integrate a platform that can respond to rapidly-changing protocol and system configurations in real-time. The MixMode platform can help you quickly and effectively meet the challenges posed by the security reality of a telecommuting workforce.

Reach out today to set up a demo.