Your company takes security seriously, but is your Company taking your InfoSec Teams’ suggestions seriously? One of the things that 2020 is showing us is that we certainly need to take our InfoSec Pros seriously. Cybercrime and ransomware have particularly risen in the last 6 months and we need to make sure everyone can speak up and eliminate or at least minimize exposure to those risks.
The early part of 2020 included moves to “open up the office” by closing physical access to offices. InfoSec opened lines of (remote) communication between team members. They made most services and software available through those lines of communication. This meant that services that were available internally, became available from the outside world. This created a number of risk windows that had to be evaluated and closed shut through careful configuration.
InfoSec Principles Facilitate Business
You don’t want to impede work from all the new remote workers, right? We’re sure you also wanted to protect their data while working remotely, but also while transmitting it back-and-forth. The intention is clearly to make business operations run smoothly and avoid blockers caused by InfoSec. Controls in place for protecting against malware, ransomware, and phishing are critical to promoting safe business processes.
If there were any changes that applied to networks hastily, they surely helped businesses stay afloat. Without these changes, Companies would have closed for a number of months, maybe even shut down permanently. Now is the time to make those changes stick and apply them permanently with the intention to provide better protection.
Consult With Your InfoSec Pros
Business areas at most companies have consulted and effectively brought in their InfoSec Pros (or their CISO & team) to the table so that InfoSec concepts are embedded in the business. Coordination as business processes changed for the emergent remote work policies and procedures were critical to a secure implementation.
While most businesses did include InfoSec recommendations, some didn’t and those controls may have been applied at a secondary level. These companies are the ones that will be unprepared for the permanent implementation of InfoSec principles that remote and hybrid work requires.
The Opportunity To Act Is Now
Whenever there is a switch in the applied processes, there is also an opportunity to do things in a way that will cause less pain to the workers, and have a lower cost to the Company.
Make sure you are prepared to quickly apply InfoSec principles to your processes, if you do not have an InfoSec team or a CISO to participate with the key decision-makers, consider having a CISO and their InfoSec team from BlueKatana, in order to reduce cost, you can also take advantage of our CISOaaS Packages. We will guide you towards the best solution for your budget while keeping you protected.