20 May 2020

CISOs Share the Biggest Global Security Concerns for the COVID-19 Recovery

Jennifer Bennett

Working from home (WFH), no matter where you are in the world, presents security concerns. Synack, along with CISOs from global 2000 companies, joined together virtually to discuss the security concerns faced for COVID-19 recovery. Our crowd of CISOs from all over the world agree that security in a remote worker environment can present a new level of risk that must be mitigated. Work from home during the next phase – what we can expect and what comes next? 

Forward-thinking CISOs are now thinking ahead to the next phase of the remote workforce. In the face of new unknowns, trust and value are critical as CISOs try to mitigate risk and build for the future. 

As tech companies across the world are creating their vision for the future of work; we saw announcements from Twitter, Microsoft, Slack, and others on their WFH office policies and vision for the future. CISOs are revisiting their long-term approach since it’s unclear how long the pandemic will last. No matter what path organizations take, some employees will have some flexibility and others will stay remote. In the meantime, we’re all just hanging tight as we enter the next phase of working from home. 

With new vulnerabilities and new product adaptation stemming from COVID-19, it’s important to keep agile, scalable security at the forefront to help solve some of the challenges and concerns teams face during WFH. However, organizations are examining how they can work smarter, not just harder, moving forward. Here’s what the Synack crowd has observed as top concerns, consistent around the world: 

Top Global Security Concerns During WFH: 

  • Assessing Risks: No matter where you are in the world, mitigating risks of WFH; remote desktop access, data protection, video conference, are all concerns. Spend needs to be well thought-out, and preferably with a solution that’s a trusted brand, providing low risk paired with value and impact.
  • Setting a New Standard: The “new (and remote) normal” has urged organizations to consider how they could improve their processes and operations for the future. Now more than ever, CISOs are looking to collaborate with their peers at other institutions to set new standards that raise the bar for security. This is especially true in the realm of security testing, where the traditional method of on-site penetration testing is struggling to keep pace with relentless, diverse hacking activity across remote environments.
  • Agile Development Done Right: A swift shift to WFH put pressure on security organizations to adapt quickly. However, CISOs agree that an agile approach to software development should not be confused with a rushed one. CISOs are encouraging their teams to work in an agile and collaborative manner with development teams, but this must be done with quality and care, not with haste. 

Changing working environments bring new risks, but also new opportunities. With uncertainties ahead, CISOs around the world are taking steps to mitigate risks, enhance trust, and capitalize on opportunities that promise value and efficiency.

Here’s our round up of stories from around the web focused on CISOs and the challenges of our global pandemic:

KrebsonSecurity: COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Government Technology: State CISOs Talk Cybersecurity in the Age of Coronavirus

HealthITNews: Penn Medicine CISO offers tips for COVID-19 cybersecurity response