Last year, companies compressed multiyear timelines for technology integration and innovation into a few months as the pandemic pushed office workers into fully remote work environments. As the dust settles from this flurry of reactive, but necessary, activity, it’s time for security and risk (S&R) pros to take stock and streamline operations for longer-term strategic advantage. To this end, we asked Forrester’s Security & Risk team to provide seven top recommendations for your security program. Here’s a taste of our 2021 guidance:
- Plan for future tech consolidation. While vendor consolidation can often be viewed as the path of least resistance, it cannot be ignored that tech titans like Google and Microsoft have developed mature security offerings for a wide array of user needs. Some offerings like data loss prevention (DLP) and antimalware tend to be “good enough” when purchased as built-in functionality, though each organization has its own unique needs. Today’s chief information security officers must evaluate their own risk tolerance and requirements to determine where native functionality or best-of-breed offerings are most appropriate.
- Balance security requirements with employee privacy when adopting tracking software. A remote workforce creates additional risks for any company. While robust threat mitigation tools are necessary, organizations must update their security awareness training to empower their workforce and reduce any privacy concerns inherent to monitoring solutions. Looping in HR, internal audit, risk, and privacy functions prior to purchasing any technology solution can also help ensure the long-term success of the monitoring program.
While the top priority for companies is overcoming the challenges created by the pandemic, it’s also essential that companies look beyond the pandemic to build a sustainable cybersecurity strategy. Check out our 2021 top recommendations report, and register for our forthcoming webinar on this topic to help accomplish this.