Throughout 2020, we’ve seen cybersecurity become an even more important consideration for businesses as a result of remote working. For many, the approach was always reactive, especially as most businesses were not necessarily prepared for the cybersecurity challenges that the pandemic and lockdown would result in.
As we near the end of the year, businesses need to turn their attention to 2021, as it too will present many new challenges as a result of the remote working and the new normal that has been adopted across a myriad industries.
Offering his insight as to what some of those new challenges will be, as well as how to best tackle them, is Fermin Serna, chief information security officer at Citrix.
The first is that accepting that remote working is here to stay. Given the nature of the COVID-19 pandemic and the far-reaching impact it has had to date, Serna says few could have predicted that it would prove so chaotic from a business perspective. This will necessitate organisations ensuring their strategies are correctly aligned with the demands of remote working.
“Research shows that over three-quarters of more than 3,700 IT leaders in seven countries believe most workers will be reluctant to return to the office post pandemic. And they will need to revamp their security policies to support them as they work from anywhere,” he stresses.
Next he says the era of a business’s security perimeter being defined by on-premise solutions and firewalls is gone. “Today, applications and services are rapidly moving to the cloud, people are working from anywhere and the perimeter has all but disappeared. Corporate information security teams will no longer rely on traditional, VPN-based strategies to provide access,” says Serna.
“Instead, they will shift to a Zero Trust model that uses contextual awareness to adaptively grant access based on user behaviors and access patterns,” he adds.
Another important consideration will be the employee experience, which too will present its own challenge. Much like BYOD of a few years ago, much of the cybersecurity strategy will be determined by the experience of employees, according to Serna.
“Security teams will take an intelligent , people-focused approach to security that protects employees without getting in the way of their experience by securing all tools, apps, content, and devices they need and prefer to use in a simple experience that can be customized to fit personal preferences and evolving work styles,” notes the Citrix exec.
The next element, and we’ve already begun to see in action, is that the scale and intensity of cyberattacks will increase next year. The same goes for the sophistication with which they will attack, Serna says.
“Ransomware and other malicious attacks are on the rise, with cybersecurity researchers reporting a seven-fold increase in malware campaigns at the mid-point of this year. Flush with cash from their demands, bad actors, have been empowered to scale their operations. And they will,” he warns.
The final aspect speaks to Serna’s role as a chief information security officer (CISO) in particular, which will require a need to step up to the challenge next year. On this front, he expects responsible CISOs to become more agile in the way that they tackle cybersecurity, with the cloud being the big driver here.
“Companies are rapidly moving to simplify and shift things to the cloud. And CISOs are adapting to secure the new environment. But ten years ago, there was no cloud. And five years from now, there will be something else,” he highlights.
“CISOs will become more agile in adapting to changes as technology evolves in 2021 and align closely with business leaders to provide a secure environment that fuels innovation and growth,” concludes Serna.
As Citrix has pointed out, the new normal will demand solutions and a degree of agility that it anything but.