Like all business leaders, chief information security officers (CISOs) have shifted their roles quickly and dramatically during the COVID-19 pandemic, but many have had to fight fires they never expected.
Most importantly, they’ve had to ensure corporate networks remain secure even with 100% of employees suddenly working from home. Controllers are moving millions between corporate accounts from their living rooms, HR managers are sharing employees’ personal information from their kitchen tables and tens of millions of workers are accessing company data using personal laptops and phones.
This unprecedented situation reveals once and for all that security is not only about preventing breaches, but also about ensuring fundamental business continuity.
While it might take time, everyone agrees the pandemic will end. But how will the cybersecurity sector look in a post-COVID-19 world? What type of software will CISOs want to buy in the near future, and two years down the road?
To find out, I asked six of the world’s leading CISOs to share their experiences during the pandemic and their plans for the future, providing insights on how cybersecurity companies should develop and market their solutions to emerge stronger:
- Ian Amit, Cimpress
- Colin Anderson, Levi Strauss & Co.
- Al Ghous, ServiceMax
- Adrian Ludwig, Atlassian
- Rinki Sethi, Rubrik
- Elwin Wong, Ross Stores
The security sector will experience challenges, but also opportunities
The good news is, many CISOs believe that cybersecurity will weather the economic storm better than other enterprise software sectors. That’s because security has become even more top of mind during the pandemic; with the vast majority of corporate employees now working remotely, a secure network has never been more paramount, said Rinki Sethi, CISO at Rubrik. “Many security teams are now focused on ensuring they have controls in place for a completely remote workforce, so endpoint and network security, as well as identity and access management, are more important than ever,” said Sethi. “Additionally, business continuity and disaster recovery planning are critical right now — the ability to respond to a security incident and have a robust plan to recover from it is top priority for most security teams, and will continue to be for a long time.”
That’s not to say all security companies will necessarily thrive during this current economic crisis. Adrian Ludwig, CISO at Atlassian, notes that an overall decline in IT budgets will impact security spending. But the silver lining is that some companies will be acquired. “I expect we will see consolidation in the cybersecurity markets, and that most new investments by IT departments will be in basic infrastructure to facilitate work-from-home,” said Ludwig. “Less well-capitalized cybersecurity companies may want to begin thinking about potential exit opportunities sooner rather than later.”