With the covid, the objective remained, but the problems and the day to day has changed. We continue to protect the organization, we continue to secure our data, and we continue to protect users. But, for each of the defense lines (operation, strategic and ), many things must be adapted.
1st line of defense: Operation
The responsibility is the continuity of operations, security monitoring, security incident management, and the assurance and implementation of controls.
The 3 pillars process, people and technology remains. We continue to have to ensure visibility, control and responsiveness. But now we have another variable, which is the prioritization of people’s health. And that impacts each of the pillars.
Process
. How to eliminate the face variable?
. How to give continuity without lowering the level of control?
. How to quickly adapt to new business needs?
People
. Relationship in the team
. New hires
. Solving domestic problems
. Team synergy work
Technology
. How to support the load in distributed models?
. How to keep the system / data safe under the new model?
. How to guarantee technological improvements / supports in a remote model?
2nd line of defense: Strategic
The responsibility is risk management, definition of controls, definition of the organization’s security objectives, as well as strategic decisions.
The goal of keeping the organization safe stands, but…
a. The business reinvents itself. Not only from the point of view that everyone works from home, but also how to get the customer to continue consuming your product without being able to reach it physically.
b. Identify new attack vectors.
c. Reframe the how? How does this model affect us? How does it affect the organization? How are we going to process? How are we going to ensure? How do we continue to mature our security management process?
d. Reassess the risk
All this went down to an economic depression, down to a reduction in costs, expenses, investment. Without a clarity of future in the short-medium. And the most curious thing, all made from home.
3rd line of defense: Audit
The responsibility is to validate compliance and identify any security flaw that may occur, throughout the entire chain.
a. Auditors had to reschedule their audit plans in many cases. The operation in many cases is super saturated.
b. Auditors have to defend the context and urgency of their observations.
c. Make your observations more flexible (within what is tolerable) or the strictness of some controls.
d. Maybe adjust in time, or through compensatory controls.
How to demand improvements or observe defaults during long periods of contingency? When the budget and the situation limit new initiatives and / or the operation is at its maximum capacity.
And the attack?
. The vulnerabilities remained the same.
. More time to reinforce and add knowledge.
. Offer / convince clients to continue executing.
. It was time to rethink attack scenarios.
. Begin to test techniques of how the new model would be violated.
. Some still do not differentiate this new normal.
As you see, the changes is inevitable and we must adapt on the new normal cybersecurity process. We need to find ways to improve and optimize the cybersecurity professionals works and one of that way is providing good tools to make the process as much automatic as possible. Skuudo is one of this must have tool for ethical hackers. Find out here!
