Amid the ongoing COVID-19 pandemic, prioritizing employee health, safety, and well-being will continue to be key to building resilience, continuity and operational readiness in 2021 and beyond. Accomplishing this requires a robust communications system across the enterprise.
Has the pandemic and remote working created an environment of heightened risk of insider data breaches? Here, Darren Cooper, Chief Technology Officer (CTO) for Egress, speaks to Security magazine about what organizations can do to prevent data loss.
The pandemic has accelerated digital transformation for many organizations. Global remote work and increased digital interactions means an exponential growth in digital footprint for individuals, as well as corporations. Having to store, process and move this much data quickly into the cloud and manage the expanded digital footprint requires agility of decision making and security and privacy by design implementation and operation.
Another challenge is the new home office, where spouses may be working remotely, often alongside their children attending school online. Home networks lack typical protections and bifurcations of the corporate office and may be prone to attacks using lateral movement techniques. In these scenarios, after gaining initial access through an insufficiently protected device, such as a family computer, attackers move deeper into a network, searching for other devices to compromise or obtain increased privileges. This continued probing could eventually lead to the exfiltration of sensitive corporate data or high-value intellectual property.
As economic uncertainty continues alongside the ongoing pandemic, IT and Security budgets are likely to see modest - if any – growth this year. Therefore, it will fall to CIOs to focus on maximizing existing investments, getting back to the basics, and doing more with the same (or less).
There are some core principles I believe are important to keep top of mind when it comes to minimizing risk and maximizing budgets.
In 2020, organizations fast-tracked digital transformation and cloud migrations to provide remote capabilities to employees, customers and overall processes. Many times, these programs were started without a proper threat landscape analysis. In 2021, it’s important to revisit any rushed decisions made in 2020 that could impact a company’s digital footprint and cybersecurity.
Have you considered a career as a cybersecurity professional, but weren't really sure if you had the right degree or skillset needed for success? Here, Jay Leaf-Clark, Head of IT at Dashlane, walks you through how to get started in cybersecurity.
We have come to a point in the world where IT is being called upon more than ever due to the surge in remote work and technology’s increasingly significant role in driving business direction. The pandemic disruption has increased internal-control risks, leaving every business to adapt and have an increased focus on the overall technology vulnerabilities. To accomplish all they need to keep their organization secure, IT departments have been brought to the realization that they must prioritize building trust among their business partners – but that trust doesn’t happen in a flip of a switch, there’s a variety of steps both parties have to take in order to reach the light at the end of the tunnel.
Technology continues to evolve at a pace that creates an environment where the abundance of choices and information can sometimes become overwhelming. Having a conversation about what current video surveillance technology can do in simple terms is helpful, as a security leader in charge of technology within the organization must sift through the available options and capabilities that weren’t readily available in the recent past.
On March 15, 2021, the California Attorney General’s office announced that the Office of Administrative Law has approved the Attorney General’s proposed changes to the CCPA regulations. The new regulations make three general changes relating to the right to opt out of sales and one change to authorized agent requests. In addition, the Attorney General’s press release reaffirms that enforcement activities are proceeding.
RSS
