Cybersecurity Architecture for the New Normal | HCL Blogs

Cybersecurity Architecture for the New Normal

November 30, 2020

COVID-19 has been a zero-day attack on our lives, impacting the established law of presence. Pandemic progression has imposed unforeseen challenges in digital adoption and brought cybersecurity to the center. It required radical changes in the ways of working and compelled organizations to embrace new operating practices.

Organizations displayed agility in ensuring business continuity by exploring novel ways of working via digital adoption. Enterprises, big or small, extended compassionate cooperation and enablement to employees to stay healthy and perform critical business processes remotely.

The COVID-19 pandemic is continuously evolving, and so are the associated challenges, such as:

  • Rapidly enabling secure teleworking
  • Fostering collaborative platforms to enhance productivity
  • Providing elastic access to a wider, remote workforce to overcome legacy inhibitions and support a wider scope
  • Business resilience requirements and rapid resilience attestations

Remote working, coupled with elastic access requirements, will spark new ideas for innovation.

Dynamic and Adaptive Cybersecurity Architecture

In the post-COVID-19 world, there will be a massive influx of digital adoption, with technology and employee work options extending to personal and handheld devices. Hence, post-pandemic cybersecurity architecture should be dynamic and adaptive, based on two primary tenets:

  1. Continuous monitoring and response: A continuous detection and response approach will traverse the core components of people, process, and technology for an adaptive cybersecurity framework. Analytics enriched with meaningful intelligence will enable the detection of, and response to, anomalies in real time to drive dynamic cybersecurity. Context-aware networks will provide multiple sources of information in such a cybersecurity framework, which security professionals can use to detect an attack as it takes place.
  2. Zero trust: The dynamic cybersecurity framework would be adaptive and enable policy-based, software-defined zero trust principles.

    Continuous detection and response will replace incident response by establishing integrated detection of events and achieving integrated management of risks. Unified risk management will enable active management of threats associated with business initiatives, such as cloud, remote working, data security, access and authorization, operational technology, and the Internet of Things. Such a dynamic and adaptive architecture will establish comprehensive and continuous security to provide visibility and control across different layers for future security.


Empowering Pillars

  1. Adaptive security architecture for IT and IoT: Security teams would have to shift focus from incident response to continuous response, reduce effort on prevention, and build capabilities in active detection and response. This must be built on the existing pyramid of tools and technologies deployed to prevent, detect, and respond.
  2. Enable elastic access: Concepts of secure access and just-in-time access will be essential to compensate for any inadequacies at the network and perimeter layer. Access focused on business and workforce criticality, together with SSO and MFA management, will enable secure remote working.