Finding Cyber Security Opportunities in Crisis. How Business Leaders Can Prepare Right Now
During this time of unprecedented uncertainty, everyone at Axon Technologies is thinking about those who have been affected personally and professionally by the outbreak of coronavirus (COVID-19) and we celebrate those on the front lines helping slow the spread of this virus.
This crisis has caused an unprecedented level of turbulence, across every aspect of our personal and professional life. Nobody was prepared for the pandemic. So when it hit, companies around the world scrambled to make sense of the situation and enable their remote workforce in the quickest and most effective time possible. At times, this speed of deployment was at the expense of cyber security.
Now that companies are finding a way to work in this new normal, and adjust to living and working with the virus I would recommend cyber security leaders take this time as an opportunity to progress security strategies and principles across their organizations. Here are seven principles I’ve found helpful for CISOs navigating uncertain times in their companies:
- Make cyber security everyone’s responsibility not just IT or the Cyber Security team — IT and the cyber security teams enable companies and the workforce to operate securely. But the individual employees can either be the weakest or the strongest link in the cyber chain depending on how well they are able to identify risks and incidents and follow established procedures to respond.
- Build executive relationships across the business to market cyber security as a benefit not a blocker — Involving the cyber security team early across the business units will help prevent a crisis, whether it is with DevSecOps, supplier due diligence, business process security assessment or threat intelligence evaluations of M&A opportunities or business expansions. Contributions from cyber security functions into these initiatives can be truly beneficial to business strategy.
- Demonstrate to executives that cyber security should no longer be seen as a cost capability— As you are building relationships with executives this is your opportunity to find ways of using cyber security as a competitive advantage to how your business makes money. Customers will prefer to choose and trust businesses that look after their personal data. TRUST is the key to Digital growth.
- Allocate accountability for cyber security risk to business leaders— Business unit leaders, data owners and application owners own their data and systems and as a byproduct own the risks to their data and systems. Therefore business leaders must take some accountability for cyber security.
- Balance focus and cyber investment across Prevention, Detection, Response and Recovery —Clearly preventing all cyber attacks is impossible but investment in prevention technologies like Antivirus and Firewalls are the foundations of security programs. We cannot ignore those, but instead we also must increase our focus on response and recovery processes and technologies to move us into a more complete cyber resilient organization.
- Inspire your team for the road ahead— Now is a good time to evaluate the ways your cyber security team can strengthen connections and purpose, both within the team and the organization as a whole.
- Bring partners with you on this journey— You cannot embark on this journey by yourself. The more executive relationships you build across the business, the more the business will demand from the cyber security team, as they transform digitally and find new ways of working and doing business. Look to build relationships with specialised partners who will invest time in understanding your business and offer you solutions to your challenges.
I hope this offers some clarity for chief information security officers (CISOs) who are actively working to weather this storm. If you have any feedback, I would love to hear from you.
Crises are never welcome, and it’s often difficult to see the light at the end of the tunnel. Cyber security leaders and their teams have been primarily focused during this pandemic on securing work from home arrangements and making sure they have the right technology, people and processes in place to manage this new elevated cyber risk they are now facing. We covered in previous Axon Technologies blog posts some of our recommendations to secure remote working — including patching systems, using 2 factor authentication, releasing ‘security approved’ collaboration applications to your workforce, training the workforce on cyber threats and risks, and having processes in place to monitor activities, systems and high risk user groups to detect, respond to and recover from malicious activities across your environment.
It is our objective at Axon Technologies to be the cyber security partner companies need during these times. We want to help organizations navigate the cyber threats and risks they are facing during this crisis, and as they come out of it on the other side. Our solutions secure digital transformation. We do this through our 4 key strategic offerings:
In each of our offerings we have invested heavily in strategic alliances with best of breed vendors to provide a differentiated managed service underlined by Axon Technologies proprietary threat intelligence, subject matter expertise and team of engineers, analysts, and consultants all with a passion for innovation and problem-solving.