Raqmiyat director for Cybersecurity and Infrastructure Abhijit Mahadik shares valuable insights into how security priorities have shifted due to the COVID-19 pandemic and how organisations can stay secure and competitive in the new normal.
The ongoing COVID-19 pandemic has significantly transformed the way businesses operate today. How has this shift impacted security investments and strategies?
Post-COVID, we are seeing a major change in the way business is done. The new normal way of doing business is emerging, changing the entire cybersecurity threat landscape. Threats are also evolving as is the new normal in parallel. Investment priorities have also shifted as per the new normal. We believe CISOs and cybersecurity teams will continue to make various security niches high priorities for spending including perimeter security, as customers will continue to prioritise short-term spending on security for remote workers. Secondly, they will increase their focus on next-generation identity and access controls. Customers that had delayed adding MFA to legacy systems are now accelerating its adoption or are moving to cloud platforms.
As expected we will also see amplified investments on solutions around remote access as CISOs continue to support virtual workarounds for help-desk staff who would work in the office under normal circumstances. Finally, we expect that the cyber awareness training—that developed in-house and that delivered by an outside provider—that CISOs offer will be adapted both to cover remote-work situations and bring-your-own-device policies and to be delivered virtually.
How can IT and business leaders implement robust security measures while ensuring that their employees are in tune with such procedures without stifling productivity?
Before deciding to enforce work-from-home policies, businesses, IT and security teams need to conscientiously assess their resources. They also need to project how much the implementation will strain the IT team and assess what risks must be factored in and address.
Organisations need to also consider deploying security solutions that feature strong web security protection on employee endpoints, as well as technologies capable of preventing network vulnerabilities from exploitation. Another key aspect that they need to keep in mind is setting up and supporting a conferencing software that ensures a stable voice and video connection, as most meetings will occur virtually and reliability is key. Furthermore, employees may need reminders to ensure that they adhere to proper cyber hygiene such as changing their passwords before leaving the office, therefore, sending out rules and guidelines to ensure that employees are in tune with such procedures without stifling productivity.
What solutions or technologies should organisations focus on to ensure that their security measures are future-proof?
We have been seeing CXOs struggling to cope with rapidly changing areas such as endpoint security and privacy, access control and governance as well as unified cybersecurity compliance and automation, as they continuously adapt to remote working or hybrid working models. Organisations should adopt and focus on these areas to ensure that their security measures are future-proof.
A major challenge for enterprises has been maintaining business continuity while ensuring cybersecurity. As a key player in the regional IT and security industry, how is Raqmiyat enabling organisations to stay secure while remaining agile amid the ‘new normal’?
The COVID-19 pandemic has made a significant impact on cybersecurity. Simply put, for customers, it required them to invest more time, efforts and resources to maintain their security postures. Subsequently, it also placed greater responsibilities service providers in terms of effectively supporting organisations and their security needs. Raqmiyat plays a vital role in assisting customers in their evolving cybersecurity needs by providing them with the right consultancy, services and roadmap for a secure future. Post-COVID, Raqmiyat aims to further support customers and businesses who are struggling to keep up with doing business in the ‘new normal’, new advanced technologies and digital transformation and the evolving cybersecurity threat landscape.
Where do you see the security landscape heading in the next few years, what best practices should organisations adopt to cope in a post-COVID-19 world and stay competitive?
With the outbreak of COVID-19, there are widespread extended requirements for staff to work from home. The phrase ‘work-from-home’ brings-in fears on data security. It also increases the security risks brought by unmanaged endpoints such as end-user owned remote desktops, PCs and laptops used by staff, external vendors, partners and contractors.
CXOs are worried regarding security of sensitive corporate information, as their workforces are now spread geographically and are operating out of uncontrolled, unsecured home environments. Therefore, securing these unmanaged devices will be key to staying resilient and competitive. Tools such as threat monitoring solutions based on dynamic and agile threat models will also play an important role in the future.