Home CXO FILES CISO Cyber Talks: Tough lessons from 2020

CISO Cyber Talks: Tough lessons from 2020

February 4, 2021

EXECUTIVE SUMMARY:

CISO Cyber Talks offers key cyber security insights from Check Point Software’s CISO, Jonathan (Jony) Fischbein.

No one on planet earth can deny that 2020 was a tumultuous year. Societies around the world have felt the devastation from the COVID-19 pandemic.

For those of us in cyber security who have spent decades trying to make the world a safer place, 2020 presented us with many challenges. As Check Point’s CISO, I’ve learned many lessons from this pandemic; a few, the hard way.

Like many organizations, Check Point migrated to remote work in March. Over 5,000 employees left their traditional offices. Travel and in-person events came to an abrupt halt. Daily business shifted to virtual conference meeting platforms.

The sudden transition to telework and an increased reliance on remote access security impacted Check Point as well as our customers and partners. This has prompted me to share several best practice articles. They are available here and here.

However, this was just the tip of the iceberg.

The strengths of a cyber security-driven organization

Over the last nine months, I’ve seen cyber security become top-of-mind from both technological and business operations perspectives. Shifting entire employee populations to remote work with zero or minimal business impact was no small feat. This process truly demonstrated the criticality of cyber security in our business endeavors.

For years prior to the coronavirus, cyber security leaders have been focused on defensive postures – thwarting threats, providing support and compliance, and raising cyber security awareness among employees and company boards. However, with an abruptness never experienced in recent decades, CISOs were tasked with supporting 99 or 100 percent of staff in operating seamlessly and securely from home.

We realized that a piece of headquarters was suddenly snuggled into everyone’s home office. In best cases, employees continued to work transparently; they could access their files, collaborate with others and continue with their jobs in a secure manner. CISOs had to ensure that all endpoint devices connecting to network resources could effectively fend off attacks. Hackers, cyber criminals, and nation-states accelerated their attacks with a cold harshness during this pandemic.

Employees are not the same

When employees worked in the office, the state of mind was that they were a participant in a secure corporate world. Gateways were engineered to provide logical physical fences as did the video cameras, security guards, and ID badges. A sense of security was achieved that could not be enforced in homes. Some employees adopted a parallel universe, having been lured into relaxing the rules and guidelines they practiced as in-house corporate citizens.

In those early months of the lockdown, I quickly learned that company employees were of two types. First, those equipped with laptops and smart phones felt comfortable with remote access computing. They understood the dangers of being online and understood the importance of authorized security software such as our VPN and threat prevention technologies.

The second group experienced more difficulties in adjusting to the transition. These exclusively office-based employees routinely used desktop computers to access network software and services. Suddenly, many in this group depended on their personal smart phones and home-based computers. This required that we transform remote access for 1,000 employees, from individual desktops into a durable, large-scale secured solution. Fortunately, we made it work by leveraging Check Point security remote access tools, together with load balancing and other solutions. For many of our customers, it required not only the right security infrastructure setup, but their teams had to ensure that users could actually use the tools and adhere to revised security guidelines.

Nobody’s looking when I’m working from home

As mentioned earlier, working from home has created a perception that people can continue normal at home practices: surf the web, freely download files from websites and more while being connected to corporate email and other services. And, people could do this on home Wi-Fi devoid of network management and network access controls that were standard in offices. This immediately raised questions.

What safeguards are there with home routers? Is there a neighbor connecting to piggy-back on the employees’ Wi-Fi? This represents only a fragment of the challenges that CISOs have faced when it comes to connecting their people safely and securely.

Meanwhile, where are we with the good fight?

Before the biological pandemic, CISOs were embroiled in battles with successive generations of cyber threats. We have all heard of successes on that front; organizations winning battles but losing the war as cyber attacks accelerated during the pandemic and with increased virulence.

Ransomware, phishing, malware, and other exploits have ramped up. Early in 2020, Check Point’s founder and CEO, Gil Shwed, issued warnings about an impending ‘Cyber Pandemic.’ And his predictions came to life.

One veteran in cyber security describes it this way, “What is clear is that technology and security pros struggled in 2020 to respond as quickly to the changing environment as did the bad actors, who took advantage of unprecedented shifts in people, processes, and technology within governments and worldwide companies.”

We do need to recognize that the cyber security industry overall continues to make tremendous strides in stopping cyber attacks with advanced threat prevention technologies. However, according to the 2020 CISO Effectiveness survey, only 12 percent of CISOs surveyed believe they excel in these five behaviors attributed to top performers:

Initiating discussions to stay ahead of threats
Regularly briefing and updating decision makers on potential risks
Proactively evaluating and deploying emerging security technologies
Developing a succession plan
Collaborating with senior executives to maintain alignment between security and business objectives

As a tight community of global security leaders, we have our work cut out for us, but our ability to survive the tough challenges of 2020 should give us an emboldened confidence as we move forward with a new normal in 2021.