Organizations around the globe spent the past few weeks rapidly adapting to delays in their supply chain and to a need for new remote workforces. As a result, IT leaders had no choice but to roll out unplanned solutions and unprecedented workflows to maintain productivity.
As companies begin to shift from short-term fixes to long-term solutions, they will be looking for answers to new questions around protection against risk, creating new opportunities in the space.
And if there’s one constant need across industries and organizations in the face of fast-paced changes and current events, it’s a need for IT security. This week we spoke with Carl, former IT Security Manager at UPS who recently retired after more than 30 years with the company, about what he sees to be these current and emerging needs in IT security.
Here are the three key takeaways from the conversation:
- Craft messaging around helpfulness in the current environment. Highlight the support that you can offer, and identify yourself as a helping hand to enterprises who are going through a lot of transition and making a lot of changes quickly, without time to consider the impact of the decisions they’re having to make. Understand that these organizations need all the help that they can get, and don’t forget partnership best practices as you offer that help. Listen to your customers and be thinking about the long game.
- There are likely a lot of temporary solutions in place, which were hastily applied currently, so now is a great time to step up and try to fill any potential gaps. Because security was likely already a concern and now organizations are having to deal with new risks and new changes in their business, this is a great time to step up and be helpful. Companies will remember that support down the line. Be sure to handle the relationship with empathy and preparation so that you can help your potential customers. While you’re building new partnerships, you can help them to identify gaps that they just can’t at the moment.
- On-demand and tier pricing with flexibility and usage rates would be very attractive to a lot of organizations who are looking to manage cost with IT spend while also working with the most effective solutions as a goal of theirs, especially within security. Consider how you can get creative with your pricing model and create a viable trial to demonstrate belief in your product from your end and to support your potential customers where they are right now.
Panel Discussion Highlights
I’d like to start by getting your take on the recent changes in the workforce with so many employees working remotely and how, of course, that will inevitably impact IT security for all of these organizations. What should organizations be focused on, and what should IT vendors focus on in their messaging?
The challenges that we’re facing right now as employers, schools, and the government rapidly expand remote capabilities to allow for this work-from-home-type aspect, any weaknesses they had in their remote standards for connectivity are only going to be multiplied with the new volume that they’re addressing now.
Many IT teams most likely had to rush expansion solutions due to the demand that they’re facing. Rushing means unplanned solutions, normally. Security steps were most likely skipped, and a lot of risk was probably accepted for the short term.
Are there any types of IT security solutions that will be especially relevant as being able to mitigate how things have changed very quickly without giving organizations a chance to prepare or truly understand the risks involved?
Currently, a wise company should be looking at cloud-based virtual desktops, web-portal-type solutions that allow access without allowing home systems or remote systems to actually touch the business’s network directly. Allowing that connectivity to a business’s network opens them up to all types of vulnerabilities. Even if a system was vetted, one click on a phishing email could end up with the remote VPN becoming a pipeline into the business for a hacker. You think of the Target incident, that kind of a scenario.
How can IT security solutions providers craft proper messaging so that they’re addressing some of these concerns while also being sensitive to the massive amount of change and adaptation going on in their customers’ organizations? If they see their solution as being able to help mitigate some of this risk, what can they do to navigate the strategy and pitch process effectively?
Right now, IT security teams are going to be overwhelmed with the rollout of these remote systems. They’re going to be overwhelmed with all of the technical detail that’s going to be required to be able to make this viable for their business. Solution providers can craft messages around helping, “We’re here to help. We’re here to be a partner. We’re here to aid you during this time of emergency. We’re here to basically give you a helping hand.”
It’s one of those things where companies, especially enterprises, need all the help they can get when it comes to security, but they need good help with partners who are willing to listen to what they have to say and have the ability to adjust to the features and the criteria that the companies are needing.
I realize this next question requires a lot of speculation, but how do you think IT security will change due to recent events?
Knowing the scramble that has just occurred and is probably still occurring as this continues, the need for establishing rapid expansion and self-provisioning systems is going to be required as a business driver.
It’s something that they must have. This means faster adoption of cloud solutions, providing secure, remote access with the utilization of single sign-on solutions. Those are going to be needed to meet the next unforeseen event or simply just a new way of doing business. These solutions must be interoperable, meaning they have to be able to go across various platforms. Businesses that fail to plan for this in the near future, they’re likely to be businesses that will fail.
What recent developments have come to the foreground in the last couple of years that you think will shape the immediate future of IT security?
The biggest thing has definitely been privacy. It’s a game changer. Laws for privacy, and the fines that are associated with it. If you look at GDPR, California privacy laws, all of these are ever-expanding from a legal aspect. They really look to due diligence and due care, which really become critical. These regulations are hitting the bottom line of companies, and the truth is, they affect the freedoms of CISOs. They affect board members, CEOs. Now these board members, they’re really seeking real security versus just looking secure.
For more insights on how your business can find ways to adapt and succeed in these unique times, you can connect with one of the thousands of advisors in our network from Fortune 1000 firms. Contact us here to see what an Emissary can do for your business.