Biggest Risk - People or Technology?
CIOREVIEW >> Infrastructure Security >>

Biggest Risk - People or Technology?

Deana Elizondo, Director, Cyber Risk & Security Services, American Electric Power
Deana Elizondo, Director, Cyber Risk & Security Services, American Electric Power

Deana Elizondo, Director, Cyber Risk & Security Services, American Electric Power

2020 has been a year we will never forget. The COVID-19 pandemic sent many employees to work from home and find new ways to be effective in a virtual environment. We’ve had to make adjustments to our security practices while keeping our #1 focus on our employees – our most valuable asset. How do we ensure the mental and physical well-being of our employees when we are no longer seeing each other on a daily basis? It’s critical to stay connected, keep the culture alive, and make everyone feel they are a valuable contributor to the team and company mission. We have increased the frequency of team meetings and individual discussions and are taking advantage of collaborative tools.

One of the biggest security risks in this new working environment is data protection and data loss. As long as you are connected to your company’s network, you have built-in protections. But what happens if you need to print a confidential document without a work printer? Do you allow printing to a personal printer? Having solid security policies and standards in place will certainly help, but most likely you will need to write a few new ones. We’ve also had to increase education and awareness around unauthorized access to confidential or sensitive data that is now in the home instead of the office. If an employee’s role requires the handling of confidential or sensitive documents, you may need to require a dedicated work space, clean desk policy, secure data transmission, encrypted PCs, and privacy screens.

“Employees who are strong communicators and collaborators will be successful in this new remote working environment”

Most companies were working on initiatives knowing the future of work will look different than a traditional office environment. Little did we know we would be thrust into that world immediately and with no warning. What might have been a temporary work situation will become the new norm after the pandemic is over. Work teams have proven they can be just as effective, if not more so, in a remote work environment. However, these new working arrangements can bring new challenges, such as keeping company culture alive and employees engaged. Are managers trained and equipped to lead remote teams? If not, it’s important to provide training and mentors. What about the process of on boarding and training new employees remotely? Micro-training and assessments are good options to gauge progress and determine next steps.

On the plus side, a more permanent remote strategy expands the geographical area of your talent pool. When this is done right, the benefits can include higher retention, increased productivity, and more successful recruitment of hard-to-find skilled or niche security resources. Employees who are strong communicators and collaborators will be successful in this new remote working environment. Although they will miss the direct people interaction, they will get the job done. Reducing security risk is always a top priority for any security team, but our #1 focus should remain on the people. Make sure they feel included, nurture the sense of teamwork and provide career development opportunities. By managing security and people risks, we can continue to be successful in this new world of work.

Read Also

How Path To Production Ensures Safety And Soundness On Our Digital...

Ramon Richards, Senior Vice President of Integrated Technology Solutions, Fannie Mae

Incorporating Emerging Technology Into A Cpg Company’s Technology...

Erin Allen, Director IT Strategy and Architecture, Sargen to Foods Inc.

Embracing The Modern Way

Jeremy Bucchi, vice president of Cloud Transformation, Lincoln Financial Group

Bringing People And Technology Together

Minh Hua, Chief Talent Officer, Stanley Black & Decker

Consider adoption of the cloud as part of your remote work strategy

Marc Ashworth CISSP, CISM, CRISC, Senior VP – Chief Information Security Officer, First Bank

Reaping What You Sow From Cloud Computing In Variable Industries

Enrique Leon, Director, Cloud Services, American Sugar Refining