As 2020 draws to a close, we are approaching a milestone on the pathway through the Covid-19 pandemic. While cases and deaths continue to rise globally and economic disruption deepens, there has also been positive news: several vaccines have shown promising results in early trials and are being fast-tracked towards mass production. Even though there is still a lot of ground to be covered before the vaccines are ready for use – let alone delivered at scale worldwide – they are a clear sign that the Covid crisis could eventually be overcome.
What will this mean for businesses globally and all our working lives? The changes brought about by the pandemic have made a deep and lasting impact across all industry sectors, from manufacturing to retail and hospitality, healthcare to education. We will not be able to turn the clock back to how things were anytime soon.
This was highlighted in a new survey** that we conducted to learn what organizations’ main security challenges and priorities are for the next two years, and the changes to their security strategies forced by the Covid-19 pandemic during 2020. For the majority of organizations, the ‘new normal’ will stay for some time: they do not expect their current security issues and priorities to change much, if at all, over the next two years. In addition, at many organizations, the rapid changes made to networks and security infrastructures in response to the pandemic are likely to be permanent.
Key findings from the survey of over 600 IT security professionals globally are:
Organizations are facing more attacks since the start of the pandemic: Over half (58%) of respondents said their organizations have experienced an increase of attacks and threats since the start of the COVOD-19 outbreak, since Thirty-nine percent said that attack volumes have remained the same; just 3% said they have fallen.
The shift in security strategies in 2020: Ninety five percent of respondents said their strategies had changed in the second half of the year, the biggest being enabling remote working at scale (cited by 67%). This was followed by security education for employees (39%); improving network security and threat prevention (37%); expanded endpoint and mobile security (37%) and rapid adoption of cloud technologies (31%). Only just over a quarter (27%) said they had accelerated existing security projects during 2020, showing that for the majority, their pandemic response involved an unplanned re-invention of their business model.
The biggest security challenges going into 2021: Security for employees working remotely was the leading challenge (cited by 47% of respondents), followed by protecting against phishing and social engineering attacks (42%), maintaining secure remote access (41%), and protecting cloud applications and infrastructure (39%).
Security priorities for the next two years: The leading priorities through to 2023 were securing remote working (cited by 61%), endpoint and mobile security (59%), and securing public or multiple clouds (52%). These were clearly ahead of issues such as IoT security (30%) and email security (24%).
The new normal is here to stay: Abouthalf of all respondents believed that their security approach will not return to pre-pandemic norms. 29% said that they expect a return to pre-Covid operations at some point in the future, and just 20% believed their situation has now returned to what it was.
To block the growing volumes of cyber-attacks and threats, organizations need to prioritize closing off any security gaps across their new distributed networks, from employees’ home PCs and employees themselves to the data center. Here are our tips to help organizations evolve their security strategies to ensure they can continue to operate as efficiently and as safely as possible:
Real-time prevention
Protective vaccination is better than treatment, and in cyber security, real-time prevention is the key to protecting networks, employees and data against attacks and threats.
Secure your everything
Every part of your network matters. Organizations must revisit and check the security level and relevance of their network’s infrastructure, devices, processes, compliance of connected mobile and PC devices, IoT and more. The increased use of the cloud demands an increased level of security, especially in technologies that secure workloads, containers, and serverless applications on multi- and hybrid-cloud environments.
Consolidation and visibility
With so many changes made to organizations’ infrastructures, it is essential to ask these key questions: are we getting the security we really need? Are we protecting the right things? Did we miss a blind spot? The highest level of network visibility increases security effectiveness. You need a unified management and improved risk visibility to your entire security architecture and this can only be achieved by reducing the number of point product solutions and vendors.
Check Point has a full range of solutions that ensure secure remote working, allowing workforces to remain as productive as possible. These include Check Point’s Remote Access VPN Software, Endpoint Threat Prevention, Mobile Security, Mobile Secure Workspace and SandBlast Agent. To secure cloud workloads and applications, CloudGuard Cloud Native Security streamlines and automates protection, blocking the most advanced cyber-attacks and enabling organizations to take full advantage of cloud speed and agility.