People are working from home on an unprecedented scale due to the pandemic. CISOs have had to implement new measures to secure endpoints and raise awareness about cybersecurity
COVID-19 has required businesses to radically alter established ways of working and shift to a remote working model at scale. In fact, Stanford University reports that 42% of US employees are now working from home, accounting for more than two thirds of the country’s economic activity.
In response to this new ‘work from home’ paradigm, CISOs have been forced to quickly update their data security strategies to keep their systems and staff secure.
They have also facilitated the introduction of new technologies, reevaluated security processes and educated staff on the importance of ensuring information security in a remote setting.
“We accelerated the ‘work from home’ movement by years,” states Wallace Dalrymple, CISO Emerging Markets at BCBS Michigan. “What we were going to take in five years to do, we did in three months starting in March.”
Securing the Remote Working Environment for large organizations such as chemicals company Sasol, which has more than 32,000 employees around the globe, orchestrating this move to remote working was a huge logistical challenge.
“Due to [the] COVID-19 lockdown, we had to quickly ensure that we could enable our business to operate remotely,” says Sasol CISO Itumeleng Makgati. “It really showed us the art of the possible.”
She adds: “We’ve been talking about remote working and the future of work, as a concept. But with these lockdowns, we had no time to think about it. We just had to make it happen.”
One of the initial hurdles for Makgati was to ensure that existing remote working infrastructure could handle the increased load required to allow up to 32,000 employees to connect remotely at the same time.
“Our VPN solution was really not catered for the volumes that we expected with everyone connecting remotely,” she recalls. “So, we had to quickly then assess the right solutions and implement a VPN solution that was more scalable and would allow us have all these employees connecting into their environment at the same time.”
How ready organizations were to adapt to the change depended on several factors, such as the size of the organization and the maturity of the work from home culture in both the company and the geographical region.
For Storebrand CISO Bjørn Watne, the transition was smoother due to a mature ‘work from home’ culture in the Nordic region. This enabled him to focus on the next big objective – ensuring the security of a much-expanded network.
“Being in the Nordics, we are actually quite mature in terms of having a home office and working flexible hours,” he observes. “So already when we went into lockdown everyone had a laptop and a VPN access and the ability to connect to the office systems remotely.”
“The biggest challenge technically was visibility and being able to actually reach and monitor all the extended infrastructure,” he concludes. “We have a special focus [now] on security at endpoints and securing the employees because, compared to six months ago, we now have people everywhere, where we used to have them in a controlled environment.”
Managing a Dispersed Network of Endpoints With more staff working from home, CISOs must contend with a growing array of devices, each representing a potential vulnerability to their networks.
Of course, modern businesses have always had to secure many endpoints. But the rapid introduction of organization-wide ‘work from home’ policies made the process even more complex.
Cybercriminals are also aware of the changed working environment. Sophisticated attackers have specifically targeted remote employees with phishing campaigns, malicious SMS messages and phone calls.
“Every home has become a mini data center,” says Makgati. “The controls that you previously had, where people come into the office and plug into the network, have completely changed.”
In this altered environment, many organizations have increased the use of cloud-based security systems and virtual desktop infrastructure (VDI), so they can maintain control over the flow of data.
“We deployed some new endpoint protection, a virtual desktop and some new processes,” says Dalrymple. “We did make a lot of changes in a very short period of time.”
“We deployed Carbon Black, which is not just antivirus, but it’s also a detection software that will detect malware before it tries to encrypt your files,” he continues.
Using a VDI has helped CISOs to ensure endpoint security controls are in place even for vendors or other third parties who may need access.
“If they’re going to work on our environment, they had to sign these standard operating procedures,” says Dalrymple.
“They had to leverage our VDI so that I could control [the data flow], even offshore, so that data does not leave the United States,” he continues. “It is more controlled because in a virtual desktop session I can actually put in my endpoint controls.”
By securing endpoints and providing the necessary infrastructure to allow for employees to work from home at scale, CISOs have helped to ensure business continuity during a period of rapid change. However, working remotely can create challenges for employees when evaluating potential threats. As a result, CISOs have also focused on the human element of their security network – creating tailored educational programs to provide more contextual support to their remote workforce.
This is an extract from the exclusive report The 2021 Information Security Agenda. The report highlights how COVID-19 has rapidly shifted priorities for Chief Information Security Officers (CISOs), requiring them to implement new strategies, technologies and educational programs in a time of heightened risk. Click here to get your copy.