During the course of 2020, networking security equipment including firewall equipment and intrusion detection and prevention systems (IDPS) was the most severely impacted area, by spending cuts. This presented various challenges for the chief information security officer (CISO), especially considering the rise in remote working.
Some of the security risks of working remotely include unsecure networks, phishing attacks. which often come via email, and issues of computer sharing and personal use (especially with other family members). These challenges will continue and possibly increase into 2021.
Looking at the security challenges for Digital Journal is Marlys Rodgers, Chief Information Security Officer and Head of Technology Oversight at CSAA Insurance Group, inaugural member of the AttackIQ Informed Defenders Council.
Rodgers explains that: “Despite the global coronavirus pandemic, businesses still have to operate and deliver on their promises to clients. This means adapting and finding different ways to enable employees to be productive from the safety of their homes.”
Drawing upon her personal experience, Rogers adds: “As chief information security officer for my company, I am dedicated to structuring and sustaining a security program that enables the business, as opposed to restricting capabilities in the name of minimizing risk.”
To achieve top security, a culture of openness is important, says Rodgers: “I believe in full transparency regarding the company’s security posture, across all levels including the C-suite. This is so that we may work together to understand our risk and prioritize security investments accordingly.”
Rodgers emphasizes her words of advice for security professionals: “These two guiding principles have served me well, and in 2020 especially. They allowed my company to innovate to better serve our customers while simultaneously scaling the security program.”