There’s no doubt IT and, by extension, cybersecurity have been utterly transformed in the wake of the COVID-19 pandemic. More people may soon be returning to the office. However, it’s also clear many more will be working from home more frequently than ever.
Some global regions are still in the midst of combating the pandemic, while others are preparing for a possible second wave. It’s quite probable there may even be another wave of shutdowns in the U.S. as a resurgence of the pandemic forces many states to reevaluate their current containment strategies.
A survey of more than 270 cybersecurity professionals published this week by the host of the Black Hat Conference finds 80 percent of respondents said they believe the pandemic will lead to significant changes in cybersecurity operations. Only 15 percent said they believe cybersecurity operations and threat flow will return to normal once the COVID-19 pandemic subsides.
Nearly 95 percent of security professionals also said they believe the COVID-19 crisis increases the threat to enterprise systems and data, with 24 percent saying that increased threat is both critical and imminent. Just this week, reports surfaced concerning how cybercriminals are, not surprisingly, targeting employees working from home.
More than 70 percent of the cybersecurity professionals surveyed by Black Hat said they are worried that quarantined workers might break policy and expose enterprise systems and data to new risks. Two-thirds (66%) also expressed concerns about the vulnerability of the systems and networks used by quarantined workers, while nearly as many (64%) fear a likely increase in attacks by adversaries taking advantage of the crisis.
Shift to the cloud
Of course, employees are not the only ones trying to figure out how to work from home. Most cybersecurity teams are navigating the same challenges. It’s likely that over time a much greater percentage of the tools cybersecurity professionals rely on to manage cybersecurity will be moving to the cloud as a result. After all, cloud-based applications are accessible from anywhere and are typically easier to use than an on-premises application being accessed across a virtual private network (VPN).
In fact, a global survey of 750 IT professionals conducted by the market research firm Vanson Bourne on behalf of Barracuda Networks finds many organizations are moving away from VPNs to embrace software-defined wide area networks (SD-WANs) that scale better to access distributed cloud applications. The survey finds 51 percent of respondents are either in the process of deploying or expecting to deploy one within the next 12 months. Just under a quarter (23%) have already deployed an SD-WAN.
In many ways, the current crisis is merely accelerating IT transitions that were well underway prior to the pandemic. The challenge is cybersecurity professionals need to dynamically define and implement cybersecurity policies as the IT environment transforms before their very eyes. By the time cybersecurity teams craft a policy or rule, the IT environment has expanded to include yet another cloud service or unmanaged endpoint that previously never existed on the network.
Most cybersecurity teams have risen to the current cybersecurity challenges. However, it may very well turn out that the real work is just beginning.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.