How the Pandemic Changed Security Posture & Prioritization
The global COVID-19 pandemic has significantly impacted life. Entire organizations were forced to work remotely while cybersecurity teams were suddenly adapting to protect mission-critical data and IT environments in new ways. Initially, it was perceived as a temporary impact, which later became a long-term change, causing teams to redefine their cybersecurity strategy. The cyber-attack vector has now expanded to the employee's insecure home networks and devices.
As the threat landscape grows, security professionals face a difficult question: what are the most important security projects for protecting the enterprise? Strengthening a company's security posture relies on fast, agile, comprehensive and thorough analysis and implementation — not just for cybersecurity technologies but also from a business strategy and human capital perspective.
We'll discuss the findings of a cybersecurity survey that details how experts like you are dealing with challenges in their businesses. Later, we'll share insights into how you can strengthen your security posture.
Finding Out What Cybersecurity Professionals Want to Prioritize
We thought it would be good to understand the actual pressure and projects top-of-mind for people in the security field. That's why we worked with our colleagues at Dark Reading to find out what cybersecurity experts, people like you, really think. We've included some of the highlights of their survey below.
Remote Access is the Biggest Priority for a Strong Security Posture
The move to remote access because of the pandemic has completely upended cybersecurity approaches. Out of all the survey’s responders, 39 percent have made remote access the top cybersecurity priority. The other projects include virtual private networks (VPNs) (36 percent), authentication (35 percent), protection against phishing attacks (29 percent), and cloud security (25 percent). Endpoint and network security are also high on the list, with 24 percent of security professionals prioritizing them.
COVID-19 Impacts Cybersecurity in Other Ways
Here's the percentage of professionals that "strongly agreed" or "agreed" with the following statements:
- I believe that my organization's cybersecurity staff are stretched too thin, which may result in burnout and/or increased risk to critical data: 70 percent
- I believe the pandemic will fundamentally change my organization's computing and data security strategies over the long-term: 55 percent
- I believe the COVID-19 crisis will necessitate significant changes in IT and security environments in 2021: 70 percent
- My organization will be forced to cut IT security budget due to the effects of the COVID-19 pandemic: 37 percent
How Public Key Infrastructure (PKI) Can Strengthen Your Security Posture
While remote access and authentication projects are top of the list for organizations that support remote work, many enterprises are considering endpoint protection and VPN security as the most effective way to combat cyber threats.
Securely Authenticate Remote Employees Into Your Network With PKI
Modern PKI deployments enable automated digital certificate provisioning to mobile phones, tablets, and laptops through a mobile device management solution such as Microsoft Intune or VMWare Airwatch. These certificates can be used for passwordless authentication for any corporate network resources or applications.
Secure Virtual Desktop Infrastructure (VDI) With PKI
Virtual desktop infrastructure makes it easy for remote employees to access all their files and applications from anywhere in the world while allowing that data to still live on the corporate server. Digital certificates can be used for authentication and data encryption for the VDI environment.
Enable Zero Trust Remotely With PKI
A building block for Zero Trust implementation is the widespread deployment of Transport Layer Security (TLS) in today's devices and software stacks. TLS relies on digital certificates, powered by public key infrastructure (PKI), to identify machines and protect machine-to-machine (M2M) communication. These certificates authenticate and encrypt all transactions in your network, regardless of where users or devices are located.
How Can HID Global Help Meet Your Cyber Security Needs?
HID Global provides an industry-leading, cloud-based PKI system: HydrantID. HID HydrantID's cloud-based private PKI-as-a-Service enables organizations to quickly create and deploy their own enterprise private PKI trust hierarchies to secure their networks, IT systems and IoT devices.
You can learn much more about the challenges and findings from cybersecurity experts in Dark Reading’s survey report, available here. To learn more about how PKI can enhance your protection in a post-COVID, remote access world, speak to one of our PKI experts.
Mrugesh Chandarana is Product Management Director for Identity and Access Management Solutions at HID Global, where he focuses on IoT and PKI solutions. He has more than ten years of cybersecurity industry experience in areas such as risk management, threat and vulnerability management, application security and PKI. He has held product management positions at RiskSense, WhiteHat Security (acquired by NTT Security), and RiskVision (acquired by Resolver, Inc.).