Covid-19 hasn’t driven the need for organisational changes with respect to IT and security job functions and roles but it has certainly changed the way IT services are delivered. Many companies have reassessed their level of IT and security staffing looking for efficiencies to offset reduced revenue, have had to quickly deploy and expand remote access and endpoint security solutions to support work at home employees, and have accelerated their migration to cloud-based services, for example, digital transformation.

This is requiring some companies to bring on additional expertise to support this shift. IT departments have also had to rethink their approach to remotely providing IT support, cybersecurity and compliance monitoring, incident response, and data management for their employees working from home. If anything, IT and cybersecurity have become even more essential to companies as their business operations are now wholly dependent of secure connectivity and communications among work at home employees, customers, and suppliers.

The new normal

While some companies are starting to think about returning employees to the office, it is safe to assume that the shift back to office won’t happen overnight so we need to be prepared for an environment where some workers are in the office, some are continuing to work from home, and some are shifting back and forth. This will be the new normal well into next year. Also, many companies are seeing significant benefits, for both the company and their employees, to working at home and may opt to make work at home permanent. Given the prolonged need to have employees work from home, companies will continue to invest in improvements to their IT and security services to provide more robust and more secure access for their work at home employees.

The CISO’s role

IT and cybersecurity have become even more essential to companies as their business operations are now wholly dependent of secure connectivity and communications among work at home employees, customers, and suppliers. In addition, many companies were required to shift, almost overnight, to having all employees work at home. Many of the solutions deployed to support this rapid change in business operations were less than ideal and required companies to weigh the security and business risks of various solutions being considered. This has helped to solidify the relationship between CISOs and the board.

Similarly, the relationship between the CISO and the security vendors and channel partners has changed, driven by the need to rapidly roll out new remote access and security solutions to support the shift to work at home. CISOs needed information quickly on security product features, cost, and availability and were more inclined to be directly involved in those discussion with vendors and channel partners. There has also been a change in the relationship between CISOs. There is more of a willingness to connect with peer CISOs across business verticals to exchange information and ideas.

By Chris Kubic, Chief Information Security Officer at Fidelis Cybersecurity.