If you think looking for a needle in a hay stack would be tough, imagine looking for a needle in a needle stack. Not just any needle, but a very specific needle that could stop a cyber attack or prevent a data breach. In the Information Age, every organization is saddled with needle stacks, or more specifically, copious amounts of data.
Think CISOs can rest following COVID-19? Think again. CISOs were by and large prepared for COVID-19. They navigated the workforce transition from the office to home seamlessly and addressed any vulnerabilities quickly and efficiently. Unfortunately, CISOs didn’t get much of a chance to celebrate their success.
CISOs adapted to the COVID-19 work from home transition quickly and avoided serious disruption even though most did not foresee a global pandemic impacting nearly every employee. Luck of the Irish? Maybe we should call it “Luck of the CISO.”
The batting coach knows he can get a struggling batter out of a slump by stressing the fundamentals. CISOs have taken the same approach with employees who are now forced to work from home.
For employees lucky enough to work from home during COVID-19, the pandemic’s impact on work and work culture cannot be overstated. At home workers now function in an environment devoid of the perks they took for granted, like social interaction, commercial broadband, conference rooms. Inevitably, CISOs took for granted perks like corporate networks, firewalls, and authorized devices and applications.
By now, we have all acclimated to a work from home world. Benefits like free dress, more family meals, and no commute far exceed the disadvantages. Hackers bet on the employee who works with his feet up has probably let his guard down. Reliance on home networks, connected personal devices, and VPN connections put PII, PHI, and IP at great risk. Cyber attacks including phishing, business email compromise, and credential stuffing have therefore increased significantly since the quarantine began.
Unless you’ve been living under a rock, you’ve seen the damage forest fires have wreaked upon landscapes and communities in recent years. When a forest fire moves at the speed of 80 football fields per minute, fire fighters are powerless to contain the blaze. Unfortunately, CISOs can relate. Once a file containing malicious code is opened, malware can spread like wildfire throughout an organization’s network, taking down systems and bringing business operations to a grinding halt.
A business continuity plan (BCP) ensures organizations continue operating in the event of an interruption like a hurricane, earthquake or fire. Like the old saying goes, “failing to plan is planning to fail.” Few businesses however anticipated a global pandemic like COVID-19. Despite the increase in remote work over the last decade, even the most comprehensive BCPs were stress tested against the sudden shift from the corporate office to the home office, couch, or dining room table.
Can you blame the CISO who wants to quash any tool, system, or process that invites risk into the organization? CISOs face embarrassing data breaches and unceremonious terminations when employees connect unauthorized devices and applications to the network, leave unlocked computers unattended, or engage in other risky behavior.
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.