The Evolving Role of CISOs in a Post-Pandemic World: Keeping up with Emerging Vulnerabilities

With the turn of the new decade in 2020, the world entered a volatile era. In the physical world, the deadly COVID-19 plagued humanity; fuelled by this breakdown of normal life, the virtual world too witnessed a different kind of plague in the form of cyberattacks. In essence, our entry into 2020 was marked by a significant rise in vulnerability—both on the ground and in the digital world. But while the on-ground virus has been brought vastly under control, the digital threat continues to grow rather unchecked. According to Cybersecurity Ventures, cybercrime will cause an estimated worldwide damage of $10.5 trillion by 2025.

The pandemic has made digital transformation necessary for most enterprises, to accommodate remote and hybrid models of working. At the same time, COVID-19 has reportedly led to a 600% increase in cybercrime. With the 11th Allianz Risk Barometer Report featuring “cyber threats” as the top global business risk—surpassing both COVID-19 and Supply Chain Disruptions—information security has become the topmost concern for enterprises in 2022.

It is no wonder then, that the role of Chief Information Security Officer (CISO) is becoming increasingly crucial for businesses of all sizes, to protect against information security risks and enable businesses to function seamlessly in a landscape so heavily under attack. Here, we take a look at the evolving roles and responsibilities of the CISO in light of the increased cybersecurity threats—in assessing risks, eliminating threats, and acting in the best interest of the company.

The Chief Information Security Officer in 2022

In most enterprises, the CISO is a senior executive who is tasked with formulating and executing the information security program for the company. This includes two basic prongs: setting out appropriate procedures, policies, and security/governance practices; and establishing a risk-free framework for scalable business operations. The end goal is protecting communications, systems, and assets from security threats—whether internal or external. The CISOs are not only responsible for responding to data breaches and information security incidents, they must also anticipate, assess, and actively manage new and emerging threats. Additionally, they need to work collaboratively within the company, to ensure that information security initiatives are aligned with the business goals, and capable of mitigating risks to them. For instance, the CISO often works closely with the Chief Information Officer (CIO), to procure products and services, ensure processes for averting security threats, and develop a recovery plan for business continuity in case of an attack.

Some other duties of the CISO include formulating security objectives and metrics, managing employee security awareness training, conceptualising secure business and communication practices, ensuring compliance with the rules for relevant bodies, imposing adherence to security practices, managing security product purchases, ensuring that the company's data privacy is protected, and overseeing electronic discovery and digital forensic investigations.

Evolving Vulnerabilities in Post-Pandemic Work Setups

In the immediate aftermath of companies shifting to various kinds of remote models of workings, 94% of CISOs reported the securing of the remote workforce as either an “absolute priority” or a “priority”. In 2022, the need for improved cybersecurity measures is only increasing. While things have stabilised somewhat since the pandemic first broke out, 78% of CISOs still list it as the number one priority—making it the prime focus of the CISO’s role for the second year running.

Going forward, the cost of cybersecurity breaches is expected to increase at a rate of 15% year over year, with cyber criminals increasingly utilising ransomware, blockchain, and other tools to not only launch deadlier attacks but also make it more difficult to detect malicious activities. According to IBM, companies pay an average of $3.9 million for every breach.

However, while the financial strain of such breaches can be catastrophic, those are not the only kind of damages that an organisation sustains as a result of cyberattacks. According to cybersecurity expert Steve Morgan, in addition to the destruction of data, stolen money, theft of intellectual property/financial data, embezzlement, fraud etc., businesses must account for post-attack disruption to the normal course of business, lost productivity, forensic investigation, restoration and deletion of hacked data and systems, and damage to reputation. Keeping this in mind, it is plain to see how the cybersecurity status of a company can single-handedly make or break it. Organisations, therefore, need to combat such attacks and develop a holistic and comprehensive cybersecurity culture—spearheaded, of course, by the CISO.

Reevaluating CISO Priorities in 2022

In light of these new and emerging threats, as critical as the CISO role is in 2022, it is equally critical for all CISOs to reevaluate their priorities for the year ahead. This is especially true for small and medium companies. Accenture reports that over 43% of cybersecurity attacks are conducted against small businesses, and with only 14% adequately prepared to defend themselves, security breaches can be devastating—disrupting operations and damaging infrastructure and assets.

Some of the priority focus areas for CISOs in 2022 include:

1. Securing remote and hybrid workplace models, since moving in and out of perimeter defences bring unique challenges and vulnerabilities. Automating threat detection and response will be a crucial requirement to be able to handle security at scale.

2. Improving “threat hunting” and decreasing the time taken to detect and respond to threats. There must be increased focus on “cybersecurity testing,” in addition to “penetration testing.”

3. Developing a “zero-trust” framework for cybersecurity. This will help businesses to examine the workings of network access, and the products and services on which they rely. Ultimately, it will be critical to evaluate the effectiveness of the complete cybersecurity ecosystem of an organisation.

Evren: The Perfect Partner for a Modern CISO

The CISO’s scope of work in the post-pandemic world has become ever-increasing, expanding, and rapidly evolving. Even for the best of information security talents out there, it will soon become impossible to juggle the demands of the role, without the right automation tools created specifically to handle enterprise security.

With Evren, CISOs can breathe a sigh of relief. A centrally managed enterprise OS that is designed with a core focus on improving cybersecurity, Evren plays a vital role in protecting organisations against all kinds of cyber threats, by providing comprehensive endpoint security. Its simple and quick installation feature allows for easy and secure deployment of any device in 30 minutes, and once installed, it regularly updates itself to keep the system protected against existing and emerging security threats.

For CISOs, some of the key security features that Evren brings to the table include:

1. Full Disk Encryption to protect the entire volume and all files on the drive against unauthorised access. This constitutes the first line of defence in case a device is lost or stolen.

2. Privilege Access Management, wherein end-users do not have admin privileges. The admin password, which is only available to the IT administrator through the Evren OS manager portal, is device-specific and is valid only for 24 hours.

3. URL Filtering, which allows admins to block and allow URLs so that end-users can only visit certain websites. Restricting users’ internet access can preemptively protect your organisation from viruses and malicious content. Additionally, Evren also enables restricting Google accounts to certain domains that can be used on the browser.    

4. Application Sandboxing is a crucial feature that keeps different apps/software on the company devices isolated from each other. Thus, even if one software is infected, the rest remain secure, significantly minimising security threats in the event of a breach.    

5. Log Management, using which admins can set a location (their SIEM or log buckets) where all the device logs are shipped. Since Evren parses all logs on the device and converts them to a readable format, these can be used for monitoring and security purposes.

6. Asset & Certificate Management, which allows central tracking of all devices, with detailed information on the apps, patches, and configuration on each device; as well as the deployment and removal of device certificates with ease. Control over application authentication, network authentication, or self-signed certificates for internal usage protects the organisation against internal as well as external security threats.

7. Remote Device Management, through which USB and Bluetooth devices can be remotely and centrally managed—enabled/disabled through the simple toggle of a button.

The Lazada e-Logistics Case Study: Cost-Saving Benefits of Shifting to Evren

While ensuring security is a CISO’s topmost priority, it must often be balanced with the budget of the organisation, which can sometimes lead to a compromise on security. Evren ensures that cost considerations do not cost your company its safety; in fact, shifting to Evren projects massive cost savings in the long run.

As a CISO navigating the rough cybersecurity waters of this new “remote-work” decade, having a reliable and robust security tool is a game-changer. Evren’s centrally managed and built-in IT features can automate large chunks of the security processes, allowing CISOs the time and energy to focus on the bigger picture of establishing a strong organisation cybersecurity culture.

With the Evren OS, CISOs can now curate the ultimate security dream team to face the new challenges of 2022 and beyond.

--

Looking for the perfect cybersecurity partner for your organisation's security needs? Get started with a free demo.

‍