image The Continuing Need for Compute, Storage and Virtualization 2021 Tech Trends & Priorities Survey

4 Things to Consider Now That the ‘New Normal’ Isn’t So New Anymore

4 Things to Consider Now That the ‘New Normal’ Isn’t So New Anymore

By Andrew Roberts, Chief Cybersecurity Strategist, cStor


Re-examine Your Security Strategy

Update Your Business Continuity Plans

When the pandemic first took hold of the world, we all rushed to implement our pandemic business continuity plan (BCP). Those of us who had a plan in place had it a little easier. For those of us who didn’t, we still made things happen and gained the knowledge we needed to document our plan.

If you had a plan going into 2020, now is an excellent time to review and update the Pandemic BCP using the lessons learned in 2020. If you didn’t have a plan, take this opportunity to create one while the knowledge (and pain) are still fresh in your mind. However, don’t stop with your pandemic plan; many of the lessons learned can be applied to your other BCPs. Take this opportunity to re-examine your natural disaster plans, extended power outage plan, ransomware plan and any other plans you have that address the potential threats your organization faces.

Don’t have any BCPs? I think 2020 taught us all about the need for continuity planning.

Re-examine Your Security Strategy

Some of us have a defined strategy that guides our progress as we improve cybersecurity within our organizations. When did you set your strategy? A lot changed in 2020, and some of those changes have made parts of our security strategy obsolete. The way organizations get business done has changed, and we need to make sure that our security efforts change so we can continue to protect our assets while enabling the business to accelerate securely. Take some time to make sure your ongoing strategy aligns with the new way your organization is operating.

Don’t have a cybersecurity strategy? You are not alone. We have seen many organizations operating without a strategy, which usually makes them very reactive and often in a continuous firefighting mode. cStor has helped many clients develop a customized risk-based cybersecurity strategy that moved them from reactive to proactive – and allowed them to make more strategic security investments. Don’t know where to start? This blog may help: Successful Cybersecurity Programs Start with a Framework.

Focus More on Your Data

Our workforces have become highly dispersed, and that’s not going to change any time soon. If anything, they may become even more dispersed as our employees start moving to their dream locations because they are now allowed to work remotely. Last year, the perimeter was disappearing. In 2020, the perimeter is gone.

Do you have a good strategy for securing your data while simultaneously making it more available from anywhere and possibly even from any device? If not, it’s time to take a more data-centric approach and start looking at solutions that can make that possible.

Don’t Forget the Endpoints

As our employees moved away from the office, they took their endpoints with them. Many also started using their personal devices for work. That brings several questions. Can you maintain the endpoint protection effectively on devices that are not on your network? Will they be updated as needed? Are they still effective offline? Can you protect data that is moved to personal devices?

Now is a good time to take a second look at your endpoint protection solution and make sure it still fits your needs. It’s also a good time to consider a mobile device management (MDM) solution so you can protect those personal devices and the organization’s data they contain.

———-

2020 brought more change than anyone expected. Let’s learn from our experience and ensure that 2021 is the year when we regain control.

Andrew Roberts
About Andrew Roberts
As the Chief Cybersecurity Strategist for cStor, Andrew partners with clients to help them achieve great accomplishments in their cybersecurity, governance, risk and compliance programs. He is building a successful cybersecurity practice by focusing on client success, sales enablement and partner alignment. Andrew brings a wealth of experience in audit, advisory and cybersecurity leadership and freely shares that knowledge to help put clients on the path to success.