If 2020 was a normal year, I would be gearing up for a trip to Las Vegas next week for the Black Hat security conference. However, 2020 is not a normal year. The COVID-19 pandemic has forced much of the world to implement some form of quarantine or shelter-in-place order in an effort to mitigate the spread of the virus. As July winds to a close, things like air travel and massive gatherings of thousands of people are entirely foreign concepts. Just because we can’t all go to Las Vegas to hang out together doesn’t mean we can’t get some of the same insights and experience, though.
Just as many companies have made the switch from in person meetings to collaborating on video conferencing platforms like Zoom or Microsoft Teams, cybersecurity vendors and experts can use the same technology to engage and share information they might normally have shared at Black Hat. Highwire PR decided to do just that by organizing a virtual panel discussion titled, “Crisis and the Cloud: New Security Challenges of Accelerated Adoption.”
The discussion was hosted by David Spark, producer of the CISO Series, and was conducted via Zoom. Spark was joined by Myrna Soto, Chief Strategy and Trust Officer at Forcepoint, Rebecca Weekly, Senior Director of Cloud Business Strategy at Intel, Rinki Sethi, CISO at Rubrik, and Kate Kuehn, SVP Alliances at vArmour to discuss the realities of cybersecurity and cloud adoption during the COVID times.
The premise of the panel discussion was simple and timely. At the beginning of 2020, there were companies that had not yet considered digital transformation and there were companies that had invested significant time and resources developing lengthy and expensive strategies for embarking on digital transformation. Once COVID-19 hit, however, all bets were off and companies of every size and across every industry were forced to make the shift overnight. As organizations went to fully remote, work-from-home scenarios in response to the pandemic, companies had to quickly scramble to ensure that employees have access to data and can access the applications they need from wherever they are trying to get their work done.
Spark began by asking the panel what significant changes they faced within their own organizations as a result of COVID-19. Rinki noted that it is certainly a challenge that everybody is now working from home but stressed that Rubrik was ahead of the curve some. As a younger company, Rubrik was already almost entirely cloud and SaaS (software-as-a-service) based. Rebecca pointed out that there are some benefits to the shift—that a transition that normally takes months or years was dramatically accelerated. She also pointed out, though, that when something is done quickly, but not deliberately, mistakes can be made and that in many cases it may be too early to say for sure if it was a good thing or a bad thing.
Spark then asked about top concerns that the executives on the panel have seen or heard from customers. Kate explained that the initial concern was just making the shift from brick-and-mortar office to a remote workforce, but that it quickly shifted from being about how to do it quickly to a broader conversation about the need to do it in a way that will work long term. Myrna said that it is a bit of a silver lining that many organizations were forced to embrace digital transformation, and also pointed out that it has led to some customers looking at capabilities that they hadn’t previously considered.
Myrna said that the new network is Wi-Fi in an employee’s kitchen, and that the user is the new perimeter. That is the scope of the infrastructure that must now be protected, and that means that many of the traditional tools and legacy strategies are no longer effective. The panelists seemed fairly unanimous when talking about the need for behavioral analytics in this new model. An infrastructure that extends to every user’s home network and personal computer or mobile device is simply too dynamic and too complex to effectively defend against all threats. Instead, organizations should turn to user behavioral analytics and zero trust security concepts to raise the bar for cybersecurity in general and compress the timeframe it takes to detect and take action against suspicious or malicious activity.
It was a very interesting and insightful panel discussion. Thanks to COVID-19, I’m going to miss my annual trip to Las Vegas, and I will miss hanging out and catching up with peers and friends from across the cybersecurity industry, but at least I won’t miss out entirely on the sorts of discussions and presentations I would normally be attending next week. Highwire PR did an excellent job pulling together an awesome panel of experts, and every one of the panelists provided unique and valuable insight.