Covid has changed how we think about cybersecurity


Covid has changed how we think about cybersecurity

Initiating waves of digital transformation, the pandemic has forced companies and their customers to take a holistic approach to online security

COVID-19 sent shockwaves across industries, governments and communities, impacting every person on the planet. Overnight, organisations that people depend on for employment, healthcare, education, infrastructure, and essential services had to rapidly transform digitally just to function remotely.

Some maintained continuity by moving entirely online in a matter of weeks, creating demand for virtual processes, remotely managed operations, and virtual collaboration on a scale we’ve never seen before. Microsoft’s Satya Nadella said the company had seen two years’ worth of digital transformation in just two months.

Any time a process or function goes digital, it creates a potential cybersecurity vulnerability, especially when so many systems are implemented so quickly, further complicated by the requirements of remote connectivity. Security teams have been forced to adjust to new paradigms, find new ways to triage threats, and simplify tools and processes—rapidly.

With our technologies in the hands of billions and serving as the digital platform for much of the world’s infrastructure, Microsoft in many ways has been at the epicentre of this disruption and acceleration of tech intensity and enablement. Like everyone else, as the pandemic initiates waves of digital transformation, we’ve been learning continuously from customers and our own experiences.

Here are five observations from that vantage that we think are here to stay.

Security is the key to digital empathy: It’s safe to say that many companies will continue their remote work policies going forward. Some will operate under a hybrid model where certain roles are based in the office and others remain home. Some will stay entirely virtual. The question becomes how to protect the organisation while also nurturing productivity, innovation, and collaboration.

Technology’s role is to support and enable how people work and navigate through a pandemic. Security’s role is to safeguard the digital assets they’re using with as little impact as possible. And although people are working in unanticipated ways under stressful conditions, IT systems must allow for this diversity of work styles and scenarios — and embrace human error — more than ever.

This is digital empathy.

Security pros used to say that controls were built because humans were too casual. We need to change that point of view. Going forward, we must improve controls to support and empower people amid the new challenges they are managing and performing under constraints.

Companies should adopt a Zero-Trust posture: Historically, organisations have trusted a finite set of apps and devices they own and manage, largely behind their firewalls, mostly in their well-managed offices. Today, to meet employees where they are, they must secure apps, data/information, and devices anywhere.

The concept of “zero trust” is about enabling employees to access their work regardless of location or machine, but with a strong authentication and a controlled privileged access. Under a zero-trust model, the identity and access system does not just authenticates the user. It interrogates the machine, the network signal, the data being accessed, and whether the applications being used are patched and updated.

If you trust nothing, you can actually allow access to all things necessary, secured based on its level of risk. When people are working remotely on their own devices, a zero-trust architecture is essential to safeguard them as well as to drive confidence in the systems.

Diverse threat intelligence is key: Microsoft tracks more than 8 trillion daily signals from products, services and feeds around the globe, which helps it stay ahead of the curve. But the number of signals isn’t actually as relevant as their diversity: the location, the device, intel from threat feeds, and other resources like Office 365, GitHub, LinkedIn and Xbox, to name a few.

Diversity of signals allows us to triangulate and synthesise the data into real threat intelligence. During the pandemic, a blend of AI tools and human based-insights has helped identify new COVID-19-themed threats targeting health systems, government aid, delivery apps and more.

This also illustrates how important having contextually relevant threat data is to security operations center (SOC) admins. No two companies or environments are the same, so there is no one-size-fits-all threat intelligence feed.

Continue Reading

Covid has changed how we think about cybersecurity