“How should we adapt our cybersecurity controls to address the new WFH reality?” This question is top-of-mind for CIOs and security executives. When it comes to cybersecurity in the post-COVID era, every CIO needs an answer to three key questions:
- What are the changes in usage patterns and architecture in my IT environment?
- How do these changes affect risk?
- What changes do I need to make to my cybersecurity posture and control environment?
Changes in usage patterns and architecture
For many organizations, working from home (WFH) was uncommon, especially for traditional office workers in horizontal business functions like finance, human resources, marketing, and so on. In addition, they are used to going to someone’s desk when they need something. This affects usage in two ways: remote access is now critical for many employees, and communication and collaboration solutions are essential for many employees’ effectiveness at work.
Of particular importance are the most sensitive applications that often run on-premises on separate networks. This poses a problem not only for protection needs, but also for compliance with global and industry regulations.