Emerging Smarter: Rethinking Security Essentials

Last month, we discussed the importance of Business Continuity Planning and how this has helped shape the cybersecurity priorities that were put into place at IBM during COVID-19. While lockdown and stay-at-home orders are lifting in some communities, others are contending with record high numbers of cases causing a reevaluation of measures being taken.  So, how are organizations staying secure as they juggle the dynamic nature of this health crisis and resume business operations in a changed world?

Rethinking Security Essentials

Priorities fulfilled during the pandemic, such as securing remote workforces and identifying essential functions and resources, are becoming part of the new normal. As business models pivot to meet demands of their customers in new ways, security leaders and CISOs are looking to transform IT and cybersecurity architectures to align faster to innovation and mature their security posture. As the transformation begins for some and accelerates for others, there are three “security essentials” that have come to light: 

1. Employing and securing the hybrid cloud

Today, many employees who have been remote for months are gradually returning to the workplace, still working from home, or doing both. Customer needs and preferences are also changing. To remain competitive and flexible, organizations have had to accelerate their digital transformations for their clients and for their workforce alike. The elasticity of the cloud and SaaS can add, shift, and secure changing workloads and collaboration tools without having to worry about traditional IT constraints. 

2. Continuing the “Zero Trust” journey

An IT infrastructure that hosts data across different applications and platforms can expand attack surfaces and create gaps that allow security threats to be missed. Security teams must adjust their threat detection and response approach to focus on users, applications, data and endpoints – and the context in which each of those factors align. When Implementing Zero Trust, Context Is Everything

3. Drawing on virtual resources to extend security teams and augment expertise 

The fact that security skills and labor are in short supply is not news. As CISOs work to optimize their threat management lifecycles, they are challenged to find the resources needed to bridge the skills gap. Organizations that can simplify the way their resources are brought together, by incorporating automation, machine learning and AI, can move existing skills to even higher value. 

Sharing and learning in the pursuit of improvement

For my peers and colleagues interested in hearing more about addressing the cybersecurity risks that have become a persistent and pervasive part of our new reality, please register for a webinar on June 29th: Security Essentials in the New Normal of Today and Tomorrow. I’ll be joined by my IBM Security colleague Aarti Borkar, Vice President of Offering Management, and Jon Oltsik, Principal Analyst and ESG Fellow at ESG Research. If you have questions in advance of the webinar, I’d love to hear them in the comments below.