By Kunal Purohit, Chief Digital Services Officer, Tech Mahindra
Cybersecurity is no longer the sole responsibility of the IT department. It plays an integral role throughout the organization. Leaders must prioritize and maintain resilience on all fronts. Today, as employees spend more time working remotely, outside of a cyber-hardened corporate office, they must make sure that systems, data, and other important digital assets are safe.
The pandemic significantly altered the ways we live, work, transact and communicate. Today’s workforce has become increasingly dispersed. And, with it, the organization’s cyber-attack radius expands as a huge number of devices and locations become a part of the new work environment. While organizational security being the core business trait, a very important question now arises for the organizations – “how IT security moves with people?”
While many businesses are now resuming their operations like pre-pandemic practice, some organizations are planning to stay fully remote or in a hybrid work arrangement where their physical, personnel and system security implications remain of paramount concern. With the current hybrid work era, cyber-attack now can happen from anywhere as access to company information and systems is no longer isolated to office locations.
In every company, no matter what size or industry, there is a persistent battle to protect data from outside threats and cybercriminals seeking to breach digital security in an attempt to access data forselling in the grey market. Business leaders across the C-suite and beyond need to understand not only the nature of the threat, but also the tools, approaches and resources available to mitigate potential intrusion into enterprise networks. Investing time, energy, and money to improve cyber security is important for business resilency and continuity, whether it’s to learn about the current asset inventory, figure out which automation solutions work best, or set aside money and people to plan, prepare, and respond.
As the work culture paradigm changes, organizations must focus on the strategies to provide a safe and secure work environment even on employees’ home networks, which can encounter malicious remote access attempts. To address the increased cyber risk, they should look at many critical considerations for security.
First and foremost, a culture of cyber awareness and good cyber hygiene should be considered to foster a culture of perpetual resilience. Hybrid work grants more autonomy to employees and combines sociability, structure and flexibility for a work culture, which creates an avalanche of concerns about inadequate security for businesses.
Thus, for a company to succeed in our current era of hybrid work, an “all hands on deck“ approach is required. This means that everyone in the company needs to know all the basics about cybersecurity, and constant monitoring of threats and quick response protocols are imperative.
IT strategy as an Integral Part of Business Strategy
A targeted security strategy is only effective if it is embedded in the overall strategy of the company. For example, governance, risk, and compliance (GRC) analysis is suitable for checking the “maturity level” of the company. This tool assesses the general state of the company, such as corporate management and clearly defined corporate goals. An appropriate security policy should be emphasized to secure data whether employees are – in the office, working from home, or digital nomads.
A mature security strategy examines risks early and incorporates risk mitigation options. The development of this strategy begins with the quantification of risks and prioritization of vulnerabilities. A real-time value risk score is helpful as it quantifies and assesses the extent of a potential financial loss within the company due to compromising actions of people, technology, or processes. The goal is to secure data in a way that will not allow theft, manipulation, or encryption.
Basic Steps to Protect All Access Points
How does the company deal with external and internal security alerts? What courses of action are in place, especially in the event of a threat? As more and more companies are adopting multi-cloud solutions, the cybersecurity threat is increasing exponentially. Companies should be able to continuously monitor for suspicious activities with SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response). The multitude of connected devices prevalent across today’s organizations should also be secured and continuously monitored, especially if they are OT (Operational Technology), IoT (Internet of Things) or IIoT (Industrial Internet of Things) devices. Since all of these devices are connected to the internet and to each other, an attack is likely to start on one of them and have serious effects, like shutting down production.
Access management should be based on the principles of Zero Trust and Least Privilege. Zero Trust dictates that all users and work devices (PCs, laptops, smartphones, etc.) — whether inside or outside the corporate network — must be authenticated, authorized, and continuously checked for security configuration and status before they are granted or retain access to applications and data. On the other hand, least privilege is not just a solution that IT can put into place quickly. It is a major change to the structure of the organization that involves not only IT team but also human resources, technical management, and business management. These teams need to work together to indentify which programs and resources an employee needs to have access to in order to do his or her job well. This includes things such as software, apps, documents, ways to collaborate, databases, and a lot more.
Combining Zero Trust and Least Privilege is the most effective combination. This approach limits user and work device access rights to authorized applications and resources. Together, these protocols can then determine which applications and resources an employee needs to access in order to do their job successfully. This includes software, apps, documents, collaboration solutions, databases, and much more.
As organizations transition to hybrid work, it is critical to strengthen IT security. Corporate strategy and IT security are no longer separate work streams, but rather integral components of the core business growth.Data breaches and theft can have severe implications for an entire company if cybersecurity is not prioritized. It is every company’s responsibility to uphold the gold-standard of cybersecurity for today and the future.
Kunal Purohit is the Chief Digital Services Officer (CDSO) at Tech Mahindra and heads TechM’s Digital and Analytics Capability Solutions Units (CSUs) globally. With more two decades of experiance in cybersecurity across a variety of verticals, he has effectively identified best-in-class cybersecurity practices.