Information Security and the Pandemic: The Role of Security During and After the Pandemic Crisis
by Chris Steffen, Research Director, Security and Risk Management
The coronavirus pandemic has put enterprises into uncharted waters, and companies are doing everything possible to protect their employees while maintaining their business. In many cases, this has led to a massive surge of employees working from home and connecting back to corporate environments. While companies have prioritized the remote connectivity necessary for working from home, security and compliance considerations and obligations did not simply go away. Even worse, bad actors are taking advantage of newly provisioned and less-secure workspaces, compounding workloads on already stretched security resources.
Some enterprises are turning to third-party services and solutions to fill the gaps with their technical security and compliance programs during the crisis, while others are reprioritizing security and compliance projects to address new gaps in security controls. What happens when employees go back to working in the offices? Physical security challenges and maintaining multiple environments with competing controls is likely the “new normal” for security professionals.
For those following the news, the way that governments and enterprises are handling the pandemic changes nearly every day: how are kids going back to school, how does this affect the stay-at-home workers, how long is working from home going to continue, and is a remote worker going to be able to maintain the same security- and compliance-related controls from their work-from-home environment? Unfortunately, the questions are changing almost as often as the answers.
Enterprise Management Associates (EMA) is going to find the answers (and the questions) that are most pressing to the enterprise. We will survey IT and business leaders across all verticals to discover their information security- and compliance-related challenges as they relate to the coronavirus pandemic, as well as their short-term and long-term plans on addressing them, focusing on three key areas:
Working Remotely: In the initial days of the pandemic, there was a mad rush to get employees to be able to maintain their productivity (as well as the viability of the company) and enable remote working. Now that the initial push is over for most companies, the focus is back on securing those employees as they were in their corporate offices. Are companies going to continue to allow working remotely? What impact does this have on future budgets, including real estate, hiring, corporate technical infrastructure, and cloud migrations?
Data Security/Privacy: When considering the pandemic, one of the greatest concerns that has come from the working remotely movement is data security. Added to this are the privacy regulations (GDPR, CCPA) that didn’t go away because of the pandemic, forcing the enterprise to continue with their data classification and remediation efforts to reconcile their data estates. How should companies prioritize data security, and how has it changed due to the pandemic? What actions are risk managers and regulatory auditors enacting to deal with remote workers?
Security Trends: Before the pandemic, companies were investing in IoT security as well as artificial intelligence/machine learning (AI/ML). While those investments will likely remain a priority, the pandemic will likely force companies to shift spending to deal with more immediate security and compliance requirements. What are the immediate security spending priorities now, due to the coronavirus pandemic? Have the long-term spending priorities changed because of the pandemic?
The pandemic is having radical effects on every business in every vertical, but those businesses with a better understanding of the short-term and long-term impacts that the pandemic will have on their core business practices will emerge in a stronger position than their competition and a financially stronger position to weather the pandemic impacts.Stay tuned and learn more about research sponsorship
Stay tuned for my future research on this topic. For information on sponsorship opportunities, please contact an EMA business development manager at +1.303.543.9500 or firstname.lastname@example.org