Marking the National Cybersecurity Awareness Month (NCSAM), it is imperative that we assess the cybersecurity implications of COVID-19 and how several leaders had to expedite cloud migration plans due to the pandemic, and it is also important that we address problems surrounding Privileged Access Management (PAM). According to a recent survey by Centrify, a provider of Identity-Centric privileged access management solutions, nearly half of IT decision-makers’ companies had to accelerate their cloud migration plans (48%) and IT modernization overall (49%) during the COVID-19 pandemic.
The study also revealed that with the pandemic and shift to distributed workforces, 60% of companies had to review and adjust their cybersecurity postures and supporting tools. On the bright side, the challenges companies faced this year will have a positive effect on the cybersecurity workforce and IT budgets for the future, with 35% of respondents obtaining IT budget increases for 2021. With regards to headcount, it was revealed that 63% saw little to no impact on their teams.
Rushing toward cloud adoption also came with its own cup of risks. Research from IBM Security revealed that the ease and speed at which new cloud tools can be deployed can also make it harder for security teams to control their usage.
With businesses rapidly moving to the cloud to accommodate remote workforce demands, understanding the unique security challenges posed by this transition is essential for managing risk. While the cloud enables many critical business and technology capabilities, ad-hoc adoption and management of cloud resources can also create complexity for IT and cybersecurity teams. According to IDC, more than a third of companies purchased 30+ types of cloud services from 16 different vendors in 2019 alone. According to the IDC CloudPulse Summary Q119, this distributed landscape can lead to unclear ownership of security in the cloud, policy “blind spots” and potential for shadow IT to introduce vulnerabilities and misconfiguration.
COVID-19 and PAM
COVID-19 saw mass layoffs across several companies across the world. Several of these may have been employees with privileged access. It is also true that disgruntled employees are one of the biggest reasons for insider attacks.
“Losing employees with privileged access is not a problem if there are processes in place to understand who is accessing what, when, and from where. When someone leaves, it is simple to de-provision their access immediately and have a record that this has occurred. It is the role of the CISO to make sure that these policies and processes are in place, rigorously enforced, regularly reviewed, and updated as new systems are deployed across the corporate network,” said Laurence Pitt, Global Security Strategy Director at Juniper Networks to CISO MAG in a recent interview.
Best Practices to Keep in Mind During NCSAM
“NCSAM emphasizes on creating awareness about the importance of cybersecurity and helps available resources be safer and more secure online. With ‘Do Your Part. #BeCyberSmart,’ as the theme for the year, it reminds us that cybersecurity is a shared responsibility and each one of us has a role to play,” said Rohan Vaidya, Managing Director – India at CyberArk.
With remote working becoming the new normal, it has become a necessity for cybersecurity experts to provide guidance on the threats that pose the maximum risk to organizations and employees as well as ways to tackle them. Simple tips for securing their digital profile – from picking strong passwords and safeguarding connected devices with multi-factor authentication (MFA), to securing home networks and keeping software up-to-date really go a long way.
He added, “With remote working becoming the new normal, it has become a necessity for cybersecurity experts to provide guidance on the threats that pose the maximum risk to organizations and employees as well as ways to tackle them. Simple tips for securing their digital profile – from picking strong passwords and safeguarding connected devices with multi-factor authentication (MFA), to securing home networks and keeping software up-to-date really go a long way. Businesses must also do their part to make the digital world a safer place for customers, employees and partners. This begins with protecting access – especially privileged access – to their critical enterprise assets.”
Related story: State of Enterprise IT Landscape [INFOGRAPHIC]
Complete the Endpoint Security Survey and win lots of amazing goodies!