Nick Rafferty, SureCloud’s COO and Co-Founder , provides his thoughts on how organisations can best assess their cybersecurity posture when moving to the ‘new normal,’ post COVID-19, after imposed remote working.
Recent events have forced businesses across the globe to change the way in which they work, with many organisations having to adopt remote working practices in a critically short period of time.
Rather than the gradual, cautious approach most businesses would have preferred to adopt, the majority were forced to jump in at the deep end with new remote working policies in order to maintain their business operations. Understandably, this rapid shift to remote working meant that the usual assessments and precautions didn’t occur, which has inevitably led to potential compromises in cybersecurity. Cybercriminals are taking advantage of this and exploiting the IT vulnerabilities associated with the rapid adoption of large-scale remote working to carry out increased attacks. According to Info Security Magazine, “online threats have risen by as much as six times their usual levels over the past four weeks.”
Whilst the priority at the start of the pandemic was to keep things running as best as possible, it is important that organisations recognise that this isn’t a case of plugging the gap until things return to ‘normal’. In fact, what was a strange, new way of working a few months ago, will most likely become the ‘new normal’ for many going forward.
While remote working brings a host of benefits even beyond this pandemic, it can also bring a range of new business risks that impact people, processes, and technology. It is therefore crucial that organisations take stock of their new risk and security posture, learn lessons from imposed remote working, and implement a plan to ensure their cyber resilience moving forward.
The best way to address your cybersecurity posture and successfully enter the new era of remote working is through adopting a three-stage approach. First of all, organisations need to undertake a response analysis to review and reflect on what occurred from their rapid move to remote working.
The second step is to carry out an assessment of the new security and risk posture, considering factors such as radically changed perimeter security and data leakage potential. It’s inevitable that some elements in the transition to remote working don’t go to plan, or the assessment might highlight some alarming risk factors, but rather than burying your head in the sand, you should see this as an opportunity to improve and move forward confidently.
Finally, based on outputs from the first two phases, a clear plan can be produced to stabilise and secure your business considering new and emerging threats.
SureCloud’s Cyber Resilience Assessment (CRA) solution provides security assurance for organisations transitioning to ‘the new normal’ of remote working by allowing you to effortlessly carry out this three-stage analysis. This is complimented by our phishing simulation and remote vulnerability assessment tools. We also provide useful remote working guides, including cybersecurity best practices, a checklist of security considerations and security clinics with our expert security consultants. These features, along with access to dynamic reporting using SureCloud’s Gartner recognised platform, mean the Cyber Resilience Assessment solution is an effective way to help your business to validate its cyber resilience, as well as stabilise business operations.
For the majority of businesses, now that the disruption of the initial transition to remote working has passed, it is time to start planning for the future. The emphasis at the start of this period was simply to keep the lights on, but in order to avoid falling behind, or even worse, falling victim to a cyberattack, we’ve got to start thinking about the long-term. Including, what your policies and plans are when moving back into the office.
Check out our fireside virtual conversation on how to ‘Secure Your Cyber Baseline For The New Normal’ with Ian Glover (CREST) and our Risk Advisory Practice Director.
SureCloud delivers its services through a cloud-based platform, offering a suite of pragmatic and integrated Cybersecurity, Risk, and Advisory services. SureCloud provides you with confidence and assurance that your cybersecurity and risk postures are defined and managed. Utilizing decades of combined experience, our team of accredited Consultants works alongside you to understand your business objectives, security, compliance and risk requirements, and how these can be affected by the evolving cyber threats of the modern world.