During 2020, institutions of all kinds were forced to adapt to a dynamic world where the usual projections and five-year marketing plans did not apply. Economic reports show marked GDP reductions of greater than 20 per cent in many countries, with continued decline into 2021. Businesses and workplaces will increasingly turn to models of work in dynamic fields – such as cybersecurity – to make them more resilient.
Organisations that emerge out of the pandemic and the ensuing economic turmoil will have spent 2020 continually adapting to previously unimagined circumstances. This is a very familiar environment for people working in security, and particularly cybersecurity, because quite often we don’t know what the next couple of hours will look like. Businesses of all kinds will discover the need to adopt fluid models and frameworks developed in a dynamic field and use them to redirect money, personnel and resources rapidly.
Typically, most businesses rely on static, predictive data analysis for growth and sustainability. They study insights and information from the previous few weeks and base predictions on them. However, these statistics can be rendered virtually useless within the next hour. Instead, businesses must start using data as they get it, proactively seeking out problems that could pose danger – just as cybersecurity specialists do.
Many cybersecurity frameworks can be modified to suit businesses more broadly. One example is data orchestration – where information that has been siloed in various parts of an organisation is collated and made available for rapid analysis.
Another is the concept of common vulnerability exposures (CVEs). This is a standardised identifier for known vulnerabilities, such as a weakness in a certain kind of encryption or an exposure such as a large data breach in the last two years. Lists of these are available for any organisation looking to improve its cybersecurity. A version of this approach for other industries – known issues with certain suppliers, for example – could be used to make all kinds of firms more resilient.
In cybersecurity, we often take a three-pronged approach: detect what the potential threat is; take immediate action to protect information; and establish long-term defences to systems, such as new kinds of encryption. Businesses will find that adopting these processes and tools – especially their emphasis on the early detection of potential threats and the sharing of information when necessary – will help future-proof operations.
Early adopters will be the winners here. Workplaces and organisations that embrace the reality of a dynamic environment, rather than yearning for static working and legacy business models, will outperform their competitors. In 2021, companies and institutions that adopt principles such as data orchestration and CVEs, will find they’re in a better position to survive.
Claudia Natanson is Information and Cyber Security Specialist, Security Practitioners