The COVID-19 health crisis almost instantly changed how the world works, bringing with it new security threats and challenges. As organizations work to find the path forward and emerge stronger on the other side, it’s important to take stock of where we are and where we need to be.

Working Together While Apart

Like many other organizations, ours transitioned employees to remote work, with nearly 95% of IBMers now working remotely. With this new reality comes the need to heighten employee awareness of the security risks associated with a distributed workforce and global crisis.

For example, since February, there has been an 84% increase in the use of tools that facilitate remote work, like video conferencing, remote access tools and Virtual Private Networks. At the same time, since March 11, when COVID-19 was declared a pandemic, IBM X-Force has observed a more than 6,000% increase in COVID-19 related spam.

As we navigate these uncharted waters, we should also remember that difficult situations can often bring out the best in us. Even as IT and security teams are facing new challenges due to COVID-19, organizations in every industry are leveraging IT tools to help keep their clients safe and productive – from enabling distance learning for students around the world, to securing major banking transactions, to thwarting ransomware attacks on critical hospital systems.

Focusing on Fundamentals

At the heart of all of these stories is a push to drive security into the fabric of business. Regardless of where or how we are all working, organizations need to continue to focus on the fundamentals of modern enterprise security, and be both flexible and diligent in their security approach.

Right now, at IBM, we are approaching security for ourselves and our clients in three ways: securing remote workforces, detecting and responding to accelerating threats, and virtually extending security teams to add expertise. There are a number of ways to meet these needs, including:

  • Employing cloud to account for the increased capacity and number of devices and networks being used by a global remote workforce
  • Mining data to identify potential vulnerabilities and understand the nature of the cybersecurity threats that have emerged during the crisis
  • Relying on experts and other business leaders who are best equipped to respond to attacks and then share best practices with other stakeholders

Leading with Innovation

With security fundamentals in place, organizations can also take this time as an opportunity to evolve cyber resilience strategies. For instance, as technologies like hybrid multicloud and Bring Your Own Device are driving remote work environments during this crisis, a solution like Zero Trust, which was already picking up steam even before COVID-19, has renewed relevance. Zero Trust is a flexible security framework that provides deeper security inside an IT perimeter and relies on sharing context between security tools to protect the connections between users, data, and resources.

New innovation cannot be left out of the security equation, and that it will be even more important as we prepare for the future.

Remembering Your Purpose

Even though how we work and where we work may have changed, why we work has not. At IBM, our mission is to be essential for clients; we have the tools to help ensure their business continuity and IT resiliency in the face of this challenge, and we have a collective drive to improve for the future.

To secure that future, leaders across industries need to continue to embrace the security fundamentals that have served them well up to now, and also take advantage of opportunities for innovation and outside-the-box thinking that can accelerate positive change.

By continuing to focus on this balanced approach to enterprise security, hopefully we will all be in a much better place when we come out on the other side.

Watch the Think Digital Session Now

More from Zero Trust

Zero Trust Data Security: It’s Time To Make the Shift

4 min read - How do you secure something that no longer exists? With the rapid expansion of hybrid-remote work, IoT, APIs and applications, any notion of a network perimeter has effectively been eliminated. Plus, any risk inherent to your tech stack components becomes your risk whether you like it or not. Organizations of all sizes are increasingly vulnerable to breaches as their attack surfaces continue to grow and become more difficult — if not impossible — to define. Add geopolitical and economic instability…

4 min read

How Zero Trust Changed the Course of Cybersecurity

4 min read - For decades, the IT industry relied on perimeter security to safeguard critical digital assets. Firewalls and other network-based tools monitored and validated network access. However, the shift towards digital transformation and hybrid cloud infrastructure has made these traditional security methods inadequate. Clearly, the perimeter no longer exists. Then the pandemic turned the gradual digital transition into a sudden scramble. This left many companies struggling to secure vast networks of remote employees accessing systems. Also, we’ve seen an explosion of apps,…

4 min read

SOAR, SIEM, SASE and Zero Trust: How They All Fit Together

4 min read - Cybersecurity in today’s climate is not a linear process. Organizations can’t simply implement a single tool or strategy to be protected from all threats and challenges. Instead, they must implement the right strategies and technologies for the organization’s specific needs and level of accepted risks. However, once the dive into today’s best practices and strategies begins, it’s easy to quickly become overwhelmed with SOAR, SIEM, SASE and Zero Trust —  especially since they almost all start with the letter S.…

4 min read

Contain Breaches and Gain Visibility With Microsegmentation

4 min read - Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to curtail attacks across IT environments, minimizing business disruption proactively. Microsegmentation has emerged as a viable solution through its continuous visualization of workload and device communications…

4 min read