The challenges of being a CISO during the COVID-19 pandemic

The pre-COVID-19 CISO. The global COVID-19 pandemic has been a tumultuous time for Chief information security officers (CISOs) who on any given day have a long and complicated list of responsibilities. CISOs are no strangers to disruption and challenges, but during the pandemic they have faced many disruptions it has caused and created a wealth of new challenges.

Securing a rapid transition to a remote workforce. COVID-19 accelerated the shift to remote working globally and, while the opportunity to work from anywhere has been welcomed by many globally, it has presented multiple security challenges. The most immediate challenge was as employees suddenly found themselves in a remote working model, CISOs had to adjust and determine how to establish secure connections for newly remote workforces who were suddenly working from home on devices that have never been part of the corporate domain before. In my organisation, we had the best-case scenario, to ensure business continuity, employees had been previously transitioned to company issued devices that were already managed by the security organisation.

An explosion of cyber risks and a complicated and constantly changing threat landscape. The initial challenge is that with a remote working model from the threat actor’s perspective, all of these employees working remotely, isolated in their homes, and working on potentially unsecure devices and networks present a perfect storm opportunity.

A collateral effect of the rapid expansion of remote working has been the related cyber risk of cyberattacks aimed at the remote workforce. Aside from the need to rely upon home Wi-Fi or other networks potentially lacking the protection available in a workplace setting, employees working remotely may forget or ignore the Security 101 basics, such as failing to use virtual private networks (VPN) or signing into work accounts using shared fa ..

Support the originator by clicking the read the rest link below.