View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Leadership
  2. Strategy
June 8, 2020

Security in a Post-COVID World – Your Team, Your Future

"New tooling or intelligence approaches can help automate steps for key areas, such as security analysis and investigation"

By CBR Staff Writer

The current pandemic is one of the biggest events in human history. It’s affected healthcare, government, public sector organisations, international supply chains, media companies and large swathes of retail. For some, the pandemic is a serious business risk that puts livelihoods at stake. For others, the shift to online business models has been a boon, increasing traffic levels and attracting spend. Either way, this puts IT – and IT security in particular – under the microscope, writes George Gerchow, Chief Security Officer, Sumo Logic

George Gerchow, Chief Security Officer, Sumo Logic

However long it may appear, it looks as if there is an end in sight. Potential vaccines are in research, which should help everyone once testing is completed. For countries initially affected by the pandemic such as China and South Korea, their economies are starting to open up again and the lockdown process is being gradually reversed.

For countries in Europe and the US, this process is frustratingly close and far away at the same time. What unifies all companies across the world is how they get back to normal, whatever normal will be in the future.

Thinking Ahead

To prepare your security team for this change, it’s worth spending some time on what will be coming next. Depending on your company and its position in the economy, this could be an exercise in belt-tightening and cost reduction, or about keeping up with digital transformation and online growth. Either way, the picture for security may be different from what exists today.

Whatever is coming, preparing your team is an important first step. Creating a ‘mission statement’ for the security team is a good way to prepare. It might seem like a case of too much management-speak in action, but there is a practical reason behind this. It helps everyone understand what is expected of them and what changes will be coming up. By defining your approach, you can put a baseline in place, set what the “new normal” is for the business and  prepare for whatever the future holds.

Secondly, make a prescriptive decision on how you will run your security operations in future. This will be based on the success of your business today, what your forecasts suggest  over the next couple of years, and what timeframes are realistic. Now, none of us are fortune tellers; however, we can define what we intend to deliver over time and look to stick to it. This prescriptive approach demonstrates leadership to your team and provides guidance to the rest of the business as well.

Alongside this forward-looking approach, consider how to implement some new practices and procedures to support your team. For example, organisations will look at whether they will bring all their employees back in one go, or stagger their offices being opened. For your security team, you have a similar choice to make.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

To support social distancing, you may want to stagger team members being in the office. This should make transmission of any infection between security team members harder, while making the transition easier. You can also consider looking at meeting areas for social distancing and hygiene support, so that people feel comfortable coming back in.

Demonstrating empathy during this difficult phase is also important. Team members should feel that their wishes around getting back to work are being respected – whether that means relieving the strain of juggling family life alongside remote work, or enabling a return to a familiar working environment and team. The idea should be to phase in any changes gradually. Your approach should reflect how you are looking at the long-term picture for your team’s health, and demonstrate how you support your team in being effective around their goals.

Making the Most of Security

For many security tasks, the ability to perform well is inextricably linked to personal workspace and, in particular, the amount of screen real estate employees have. While some will have been able to take monitors home and carry on as normal, many will have been restricted to working from laptops. This will have led to some compromises and changes in how people work.

However, some of the adjustments may have led to better results or more effective collaboration. New tooling or intelligence approaches can help automate steps for key areas, such as security analysis and investigation. If you found any benefits from remote working then you can start adding them to complement your previous processes.

Lastly, discuss some new approaches to how you run your team. This can be a team-building activity during what will remain a difficult and stressful time. For example, look at how to support teams that are split across locations – carrying out remote sessions for team-building such as eating lunch together over video calls or having non-work related calls can really help. It will take some time to get back to normal, but these efforts can help everyone find their stability while under pressure.

For security teams, this process of implementing the “new normal” will affect them in two ways – the first as a department, and the second as part of a company within the wider economy. To get ready for these changes, it’s important to prepare. Using your data, your processes and your team skills can all help.

 

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU