Before COVID, cybersecurity was a concern for businesses everywhere. In fact, in Microsoft’s 2019 Global Risk Perception Survey, 57 percent of companies ranked cybersecurity as a higher risk than economic uncertainty and brand reputation or damage. Looking ahead, what does all of this mean for the role of the Chief Information Security Officer (CISO)? Not only is it more important than ever before, but the role has shifted since the start of COVID.
Twenty years ago, almost everything in the IT world was on-premises: hardware and software, including the tools you used to verify who your users were and what they could do in your systems. In today’s cloud-native world, almost nothing is on-prem, and because of the explosion of apps, remote users and devices, it has become more complicated, by orders of magnitude, to verify the identity of a user, or a service, and determine policies that say what they are and aren’t allowed to do.
Organizations need to evolve their thinking around cybersecurity to stay ahead of these changing threats. A holistic approach that effectively builds security into all infrastructure and processes from the ground up is cost-effective and necessary to safeguard valuable employee and customer data. This requires an overall shift in philosophy – and adopting the concept of security by design is a key first step.
COVID-19 has completely changed our world from six months ago, as we continue to battle the grave health implications, face extended stay-at-home orders, and grapple with the insurmountable ramifications on our economy. The pandemic has also forever changed the cyber threat landscape, with our workforce becoming more dispersed, and potentially more vulnerable, than ever as organizations switch out of the confines of their offices and move entire data streams to their laptops and home offices. On top of this, Salesforce has announced it is ending its Data Recovery service on July 31st, which is putting all of the data protection responsibilities, and the dire consequences that come along with them, on the back of the customer.
As the financial services industry moves toward an ever-greater dependence on technology, we must always keep an eye on the future to ensure that any new technological advancement or implementation delivers the same, if not better, benefits and risk management capabilities. One emerging area that has garnered a lot of attention in recent years is Distributed Ledger Technology (DLT). While DLT holds great promise, there is currently no clear path for implementing the technology in a way that addresses documented and evolving security risks.
Counterfeiters do not take time off. At its core, counterfeiting preys upon our vulnerabilities and takes advantage of the average customer at any cost. This is particularly true right now during the coronavirus pandemic, the most inconvenient and vulnerable moment in generations. In the midst of mass shortages and colossal demands for certain products, especially in the health field, the counterfeit community has seen a golden opportunity. Over the past few months, tens of millions of new counterfeit products have been seized or identified on the web. These include fraudulent face masks, ventilators, disinfectants and testing kits.
Evacuations and lockdowns are two events no organization wants to face, but every organization should be prepared for. They often happen in response to particularly dangerous situations that pose an immediate threat to people and property. It can be difficult to know how and when to make the decision to lock down or evacuate, and it can be even more difficult to manage once the decision has been made. In either case, it requires that organizations plan, test and have the right tools in place to reach all of their people quickly with information on what actions they should take to stay safe.
Unfortunately, the pandemic has forced many people and businesses to reconsider biometric technology. With the COVID-19 virus spreading easily through touchpoints, fingerprint scanners can quickly become a source for infections, especially in public spaces. Offices and ATMs contain many points of contact, and maintaining cleanliness on surfaces is nearly impossible. Unfortunately, these high traffic areas are also frequently the ones that would benefit the most from increased security.
It’s easy to see why the Open Supervised Device Protocol (OSDP) has become the security industry’s gold standard for access control installations. It enhances security, adds flexibility and makes systems easy to update and integrate with other devices. The Security Industry Association (SIA), with significant input from manufacturers and integrators, introduced OSDP in 2011 and it is now recommended for any public or private enterprise installation requiring a high level of security. Earlier this year, the International Electrotechnical Commission approved OSDP as an international standard.