sb-au logo
Story image

How CSOs can ensure security and productivity remain resilient during challenging times

21 Apr 2020

Article by Fortinet security solutions director Corne Mare.

As increasing numbers of workers set up office spaces in their own homes, organisations face new and unprecedented challenges when it comes to maintaining operational continuity. Businesses need to remain agile and adaptable in times of rapid transformation. Ensuring that security and productivity remain resilient, regardless of the circumstances, is paramount to business success.

When there are extenuating circumstances, the risk of exposing a company to vulnerabilities increases significantly. For chief security officers (CSOs), this means significant business changes, such as transitioning the workforce to work from home instead of in a central location, can provide opportunities to assess the impacts on security processes.

The CSO role has and always will involve managing risk, no matter what challenges a company is facing. Especially in such an unprecedented situation, like the current COVID-19 crisis unfolding globally, it is critical that CSOs understand the resources they have and, crucially, are keenly aware of the abilities and limitations they can offer.

For many, this means understanding both the technical capabilities of an organisation’s resources and the access that employees require across different job functions. Knowing how these different elements work, and how they work together, can help to mitigate risk and keep organisations running smoothly as they face new challenges.

Many companies will already have contingencies in place for potential obstacles that may impact business-as-usual operations. However, it is critical to review these regularly to ensure that, when the time comes, a company’s leadership can assess the situation and provide guidance calmly, and to maintain composure during a crisis.

Having strategies in place is essential, and it’s critical to frequently reassess and update them to identify and fill any gaps. Additionally, organisations should identify any dependencies and mark them for action and follow up.

There are three key areas to consider when it comes to preserving security and productivity in times of crisis:

1. Providing secure and reliable network access for users: Moving a predominantly office-based workforce to a new online environment will offer new challenges to any organisation. It is essential that all workers can access the devices and resources they need to continue working effectively under new circumstances. This means identifying who does and doesn’t need access to what systems and repositories, limiting access to unnecessary resources, and assigning access to specific resources where needed.

2. Supporting user access requirements: Understanding the different job functions of employees will help in the transition to a new workforce model. Based on this understanding, CSOs can determine how to support user access requirements. For example, if most of the workforce only requires Software-as-a-Service (SaaS) applications like Microsoft Office for their day-to-day work, they won’t require the same user privileges as IT personnel or executive managers who need access to finance platforms and other mission-critical systems.

3. Using existing resources to the full extent of their abilities: It’s important to build a clear picture of what resources are available and where the gaps are. This can help inform decision-making around investing in additional services or technologies.

Organisations rely on careful planning and experienced leaders when it comes to risk management. CSOs must be able to identify the challenges they face in times of crisis and have a strategy in place to mitigate disaster. Having a clear understanding of business objectives will help to maintain operational efficiency while also prioritising security and productivity, in spite of the challenges the business and its employees face.

Story image
Just one click – that’s all it takes to let in cyber-crime
So how do organisations ensure that users are not compromised by simply doing their work?  The answer is surprisingly simple, writes Bufferzone Security business strategist for A/NZ Greg Wyman.More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More
Story image
McAfee finds vulnerabilities in 'temi' the videoconferencing robot
Temi is commonly used in environments including businesses, healthcare, retail, hospitality, and other environments including the home.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More