Posted: 03 Jun. 2020 4 min. read

COVID-19 Supercharges Cyber

 

Nothing supercharges innovation like necessity. And as we all know, the COVID-19 pandemic has caused instant, radical shifts away from “business as usual” and caused IT and cyber organizations to innovate on the fly. Obviously, the most prominent of these changes has been the work-at-home phenomenon. 

Of all the scenarios that organizations typically contemplate as part of their business continuity plans, you’d be hard-pressed to find anyone asking, “What do we do if nobody, anywhere in the world, can come in to work?” Some companies plan for regional work-from-home scenarios caused by natural disasters, geopolitical events and other disruptions, but the concept of everyone, everywhere, working from anywhere, was not on the radar screen. And yet, that’s exactly what hundreds of thousands of organizations worldwide faced when it became clear that social distancing was the only defense against the pandemic.

At this point in the coronavirus crisis, we have seen a number of organizations do this well. However, it’s not without some significant effort to quickly stand up secure and reliable remote capabilities, connections, and communications. The interesting shift is how organizations will take the lessons learned during this time - what works and what doesn’t - to inform a potential “next normal” in remote working.  What did they quickly put in place that, with more time and strategic consideration, could be a transformative approach to doing business in the future? 

Two Stages of Enablement

When work-at-home first became a reality, IT and cyber teams, alike, were in an intensely reactive mode. They did everything they could to maximize capacity and enable remote access to employees, because system and application availability was the single most important factor for keeping businesses up and running. And, for the most part, they succeeded at creating a remote-working architecture that is “good enough” to get through this first stage of the crisis. But now that some countries are easing social distancing guidelines, these teams need to think about the next stage: What happens after the pandemic? Are there new processes in place that will survive long-term? Will remote working become a standard operating procedure, or will we return to corporate environments?

These are important questions to ask, because some of the process innovations created out of necessity for COVID-19 will turn out to be better than the ones they replaced. And, one changed process often leads to others – for example, banks initially needed to enable employees to work from home, which then required that loan approvals, account activations, wire transfers, and so on become securely enabled for remote employees. For many companies, some of these cascading processes are working well enough to survive and become enhanced for standard practice after the pandemic – including work-from-home initiatives.

Cyber teams will need to understand how organizations will function in the post-COVID “next-normal.” They need to take stock of all of the business processes they need to support, and rethink what cyber resilience really means. Once that’s done, they can reevaluate security architectures and operations to map to their digital footprint in the next normal.

Areas for Acceleration

COVID-19 has already caused acceleration in several cyber-related areas. For example, while there was already a healthy pace of cloud migration prior to the pandemic, many organizations accelerated their journey to the cloud when remote-work policies came into effect, so they could deliver the dynamically scalable systems and high availability that workers and customers need. Securing those virtual work processes is critical to productivity and overall integrity of the cloud environment. This trend will continue – particularly with the prospect of another COVID-19 spike in the fall - and with it will be an acceleration of related cybersecurity initiatives, including:

  • Identity and Access Management - Identity is like dental floss – everyone knows they should use it, but few do so with the appropriate effort and focus. Work-from-home has dramatically raised the stakes on identity and access management and caused many companies to accelerate plans for broad adoption. One of the biggest identity-related problems faced by companies is privilege misuse and compromised credentials, which are used by bad actors and cybercriminals to breach networks. During this time of coronavirus, Deloitte Cyber Threat Intelligence (CTI) has identified hundreds of thousands of nefarious malware and email phishing campaigns attempting to gain access to networks and beyond.  Approaches to digital identity management are starting to change quickly; moving beyond simple logins and passwords, they’re increasingly using advanced authentication methods such as physical biometrics and behavioral monitoring as standard practices. In today’s “zero trust” environment, companies continuously monitor and authenticate users—constantly determining their level of risk based on who they are, what they access, and when and where they do it. 
  • IT Asset Management: Many workers do not have company-supplied laptops or mobile devices, so they are accessing corporate systems on unapproved devices. This redefines the notion of endpoints, and emphasizes the need for a centralized, secure virtual desktop environment that can mitigate the risks of unapproved endpoints. Sure, VPNs are important, but knowing what assets you have, where you have them, how they are protected, and what more they need from a security perspective is key for protecting your organization. (You can’t protect what you don’t know about.) With so many different types of devices connected to the network, the ability to protect them depends first on knowing about their existence. Cybersecurity frameworks such as NIST 800-53 and others specify requirements to inventory technology assets AND tie to their relevance/importance to the business.  Poor asset management capabilities may contribute to the inability to detect a breach for extended periods of time, if the assets are not inventoried and managed. Also, a business could find itself noncompliant with standards or regulations and not even know it, if unknown or unmanaged assets exist on the network.

Cybersecurity Enables Business in the Next Normal

Cyber organizations are accustomed to playing “catch up” in their day-to-day existence. They tend not to be involved in the initial design process for new digital systems or technology implementations, and often have to go in post-deployment to implement proper security controls and cyber risk management. In this context, the pandemic has simply created a magnified version of the reactive world to which cyber teams are already accustomed, but with that also comes opportunity.

The overnight digital transformation of the workforce has shown organizational leaders how cyber is a critical business enabler of speed and scale, and shouldn’t be perceived as a deterrent to progress. When done correctly, a secure-by-design approach enables organizations to quickly and effectively stand up new systems, innovate with confidence, and adapt to new challenges without introducing undue risk. As economies open back up, the focus will be on stabilizing and strengthening many of the solutions and processes rushed into place. This will be accomplished by being more thoughtful and strategic about their deployment, developing the support, security and infrastructure around them, and fully understanding the impact they will have across their organizations and partner networks.

Of all the accelerations caused by COVID-19, the most important could be the acceleration of people’s understanding of the impact of cyber. Cyber is everywhere - from our work to our homes, in the businesses we count on (like our schools and grocery stores), to the innovative research and development efforts behind introducing new vaccines. This vivid realization should inform more thoughtful, more secure, and more effective decision-making across organizations in the future. And that, at least, is one positive outcome of this pandemic crisis.   

Return to the Responsible Business home page to discover more insights from our leaders.

Key contact

Emily Mossburg

Emily Mossburg

Deloitte Global Cyber Leader

Emily Mossburg serves as Deloitte’s Global Cyber Leader. A 20+ year cybersecurity professional, Emily has supported a range of clients and industries helping them to transform and evolve their cyber programs. This includes implementation of new processes and solutions in areas such as data risk, incident and breach response, and cyber resilience. Prior to this role, Emily was the Advise & Implement Solutions leader for Deloitte’s Cyber practice in the United States where she led the development and delivery of cyber solutions designed to better align cyber risk strategy and investments with strategic business priorities, improve threat awareness and visibility and strengthen ability to thrive in the face of cyber incidents. Emily is a recognized leader and authority on cybersecurity and was recently named one of the “100 Fascinating Females Fighting CyberCrime” by Cybersecurity Ventures.