This extraordinary year, with its rapid shift toward remote work force, has brought about changes in the cybersecurity landscape. With the security perimeter widened by use of devices outside the office, businesses are using the cloud more than before. According to a recent CompTIA research report on the state of cybersecurity, 60% of respondents were taking a more formal approach to risk management and threat intelligence; however, there’s always room for growth. Read on to learn how 2020 events have changed approaches toward cybersecurity.
Acceleration of Cloud Computing
One trend in the report is the acceleration of the use of cloud computing. With so many employees working remotely, companies have, at the very least, sent their employees home to work and hurrying to secure day-to-day operations. With this increased use of cloud computing, keeping an eye on the threat landscape is still vital. Cyber attacks have increased, including “phishing,” and are now considered inevitable. The question is how companies will respond.
Cybersecurity the Responsibility of the Entire Organization
Cybersecurity is no longer merely the responsibility of the IT department. From the newest employee to the board of directors, everyone has a responsibility to help protect data and systems. The executives and board can map out the plan for cybersecurity, beginning with assessing current risks to data and systems. Every employee can be trained in how to handle cyber attacks, and how to prevent them from occurring. Upper management can set the tone, creating a culture of cybersecurity.
Formalization of Cybersecurity Practices
Along with the increased momentum of cybersecurity adoption, the approach is becoming formalized. According to the CompTIA survey, the majority of companies have taken a more formal approach toward cybersecurity, adopting metrics to measure how well they’re doing. The process starts with risk assessment and management by directors and executives. What security pitfalls might come with remote work? How secure are a company’s data and systems? Formalization of practices also includes measuring and monitoring security efforts that are tied to business objectives. Such metrics might include how many systems have current operating systems, or what percent of employees have been trained in avoiding phishing schemes.
While some aspects of cybersecurity (like an ever-evolving threat landscape) are the same, many businesses are changing their approach to cybersecurity. For help in evaluating your company’s approach, contact us today.