What’s Keeping CIOs Up at Night? Cybersecurity Issues
If you’re reading this, chances are good you live in the South. You also may not have been able to gas up this morning.
And it’s all because of a ransomware incident of the Colonial Pipeline system on May 7.
(The company moves about 45 percent of all the fuel used on the East Coast. The southeast corner of the country in particular has been hard hit. Atlanta on May 11 reported that one out of five gas stations said they were out of fuel, according to the link above.)
Such types of data breaches are increasingly common. In fact, the story above reported that the country’s Homeland Security Secretary Alejandro Mayorkas said that U.S. organizations have lost more than $350 million from ransomeware attacks so far this year. (And we’re not even halfway through 2021!)
Cybersecurity has been a HUGE concern for CIOs for years
In fact, it topped the list of IT C-suite members’ worries even prior to the pandemic.
Of course, corporations aren’t just worried about hackers accessing their production infrastructure. Many people have moved to working from home this past year and about 30 percent of employees (worldwide) have said they had an online account hacked since the start of their WFH transition, according to a OneLogin survey of 5,000 people.
So it’s just not external cybersecurity threats and the hits to a CIO’s chances for a good night’s sleep just keep on coming:
- Revamped business models.
When a good chunk of your workforce moves in a mere week or so to work from home – and then stays there for more than a year – the CIO has a lot of work to do!
He or she has to rethink everything, from end-point security controls, remote infrastructure, having employees who work from home get application updates from the internet without the need to connect back to the company’s network… and a ton more.
But possibly the largest issue is the fact that the company’s entire cybersecurity program as well as how the cybersecurity team will approach threat management has to change because everyone’s home network is vulnerable.
- New digital channels and even the need to “re-architect” their workforce for remote work – and security.
Employing a remote workforce basically means that your “network perimeter is wherever data flows.” As such many organizations will need to start moving their IT systems’ focus to one that’s more data centric.
Email gateways, web gateways, endpoints – all will need to be secured for threats from practically everywhere. If your CIO’s main focus wasn’t on this security before, it is now!
The new technologies that undoubtedly will arise to help facilitate seamless work among remote workers always will create new or “hidden” risks to a company’s cybersecurity.
And let’s not forget the fact that as the “internet of things” grows, so will a company’s attack surface area.
- Hybrid work scenarios
As companies all over the country found that remote work definitely could be done, so did the talk of allowing a good portion of workers to work from home permanently once the pandemic retreats.
That’s changed in recent weeks as the economy has started reopening and both employees and company leaders are discovering that something definitely is lost when WFH is ATT (all the time): a feeling of true collegiality and cohesion among co-workers and their managers.
But a hybrid workforce, in which employees toil from home one to three days per week and head to the office on other days, also brings its own issues, separate from those of a full remote workforce but just as worrisome.
What’s more, while it was hard enough to transition to work-from-home, it could be even harder to move to a hybrid scenario.
Tips for CIOs to make a hybrid workforce more secure
- Update cybersecurity policies so that employees know what’s expected – and what they must do – to keep your company’s information secure no matter where they happen to be working.
- Consider creating a separate network. A new VPN for employees to log in on when working remotely can enhance the security and accessibility of their accounts.
- Provide digital security training to employees. After all, they won’t have internal IT support when working from home. Offering continuous troubleshooting training and tips on how to lessen threats can go a long way to enhancing security. As can updating them as soon as new information
- Limit employees’ access to data. The less data they use on company devices, the less they’ll use it for personal reasons…and therefore the less chances they have of having personal – and company – information compromised.
- Test your company’s devices. Find out how vulnerable they are to attacks.
Tackling cybersecurity issues with talented IT specialists
The Intersect Group sources and recruits highly skilled information technology professionals and we can find them quickly for your temporary/project needs as well as for full-time hiring.
Learn more about how we can help you with your IT workforce recruiting.