The COVID-19 pandemic has forced organizations and individuals to embrace new practices such as social distancing, sanitizing and remote working. In the last couple of months, as governments are reconsidering ways to ensure that their countries are stable by developing and enforcing new economic plans, and while the world is focused on the health and economic threats posed by COVID-19, cyber criminals around the world are undoubtedly capitalizing on this crisis. In a recent interaction with CXOToday, Ashwin Pal, Director Cybersecurity Services, Unisys Asia Pacific, shares some of his thoughts on the impact of COVID-19 on cybersecurity, the changing CISO’s role in the new normal and how companies can become more Cyber resilient in current times.
How has the enterprise security landscape changed in the last six months or so?
The threat landscape has changed drastically in recent months, as we are seeing increased threats within environments globally. A lot of this has been as a direct result of COVID-19 due to working from home and a move to cloud by organizations to allow remote access to environments. There has been an increase in COVID-19 themed phishing attempts with intruders using this as a means to gain unauthorized access to organisations or to spread ransomware. We have also seen an increase in cloud related security breaches, many of them stemming from misconfigured cloud deployments.
How has the role of the CISO evolved in the new normal? What are the immediate challenges?
Successful CISOs have been able to move into a ‘transformational CISO’ role. This basically means, being able to understand and quickly move to respond to business requirements such as provisioning secure remote working without disrupting business operations. This will continue to expand into other parts of the business as organizations digitally transform in order to cope with the new normal. Transformational CISOs will be able to adapt and respond with approaches that will help secure the transformative approaches that businesses need to take in order to survive in the new normal. The key challenges have been the ability of CISOs to move with pace and being able to respond to this need for transformation. Those that have been innovative and have managed to do this will excel. Those that cannot will perish!
In the current scenario, how can CISOs look beyond the traditional cybersecurity models to secure digital future?
The traditional cybersecurity model of trying to protect an organization simply doesn’t work anymore. Protection is fine, but CISOs have to now accept that breaches will occur and need to be prepared to be able to recover from these quickly without too much damage occurring. This calls for a cyber resilient approach that not only looks at protection, but also extends this to cover identification of key assets, and having the ability to detect, respond to and recover from a breach such that the incident is a minor inconvenience and not a newsworthy event. Automated breach response mechanisms such as dynamic isolation are key here in order to improve response times and limit the damage. Of particular note is the concept of zero trust. With users increasingly working from home and data moving into the cloud, we can no longer control or trust who is accessing our data and must apply the concept of zero trust in order to constantly validate access to data and thus be able to protect it.
How can companies become more Cyber resilient in current times?
The focus needs to change from just trying to protect your information assets. Organizations need to accept the fact that breaches will occur and need to be prepared to be able to recover from these quickly without too much damage occurring. This calls for a cyber resilient approach that not only looks at protection, but also extends this to cover identification of key assets, with the ability to detect, respond to and recover from a breach such that the incident is a minor inconvenience and not a newsworthy event. Automated breach response mechanisms such as dynamic isolation is key here in order to improve response times and limit the damage.
What is the importance of cyber insurance and recent trends in this industry?
Cyber insurance is even more important now as the threat landscape worsens with COVID-19. Cyber insurance demand is increasing as organisations become aware of threats and try and obtain insurance against them. The issues we are seeing are of inadequate cover due to a lack of knowledge about the organization’s actual exposure as well as organisations not being aware of the exclusions in policies which may make the cover inadequate for their needs.
What are your thoughts on the National Cybersecurity Policy?
The National Cybersecurity Policy is a step along the right path only if it is clear in direction and provides enough incentives and penalties within the policy so that organisations know what to do and the consequences of not doing it.
What are the plans for Unisys to secure the future of the enterprise?
A voluntary approach with cyber security simply doesn’t work. Unisys plans to partner with organisations to help them become more cyber safe. This includes everything from allowing organisations to understand their true cyber risk to being able to mitigate this risk taking a more cyber resilient approach. Our offerings continue to morph with the changing threat landscape with a greater emphasis on cyber resilience consulting, zero Trust and micro-segmentation implementation, threat detection and management and risk consulting. Other equally important areas include user education, awareness and training and managed security services.