Don’t Abandon Security During a Crisis
Working within dispersed teams is often part and parcel of a CISO’s job. In fact, before COVID-19, 7% of Americans were working remotely either part or full-time, according to the 2019 National Compensation Survey from the Bureau of Labor Statistics. But in the wake of social distancing, almost all organizations are operating 100% remotely.
Other members of the C-Suite might elevate the importance of productivity with remote teams. But as security executives, we should approach the issue from a cybersecurity angle. This is not the time to take our eyes off security in trade-off for expediency. For IT professionals in industries not well-versed in remote work, this notion is especially true. The sudden shift to remote work across entire organizations has highlighted faultlines in some professions, with industries like health care, education and service/production feeling the pressure. CISOs within these industries are called to expand on already successful security strategies with their teams — who are often already dispersed to some extent — in a potentially unexpected way.
These CISOs are pressed to weigh operational efficiency with security, forced to manage risks while maintaining “normalcy,” and ease up on employee end users in order to allow for more productivity across the company. They also might be having conversations with the COO/CIO or even the CEO about which processes impact operational efficiency the most. But this is actually the time to...