There has never been a time in IT and cybersecurity when things have stood completely still. Technology is always improving. Solutions are developed to meet new needs. New threats emerge, and new modalities and countermeasures are developed to protect against them. Change is a constant. But we can hardly pretend that the last year wasn’t different. In cybersecurity, as in all areas of life, we were faced with a sudden onslaught of new demands all at once – some of which we were ill-prepared to meet.
How the Pandemic Impacted Cybersecurity
Within a matter of weeks in March 2020, a majority of the workforce was suddenly working from home. Of all the business verticals disrupted by this, one might have imagined that cybersecurity would not need to shift gears too much. Remote management and securing of infrastructure were, in fact, well under way before the pandemic. How much could pandemic circumstances impact a workforce that was already comfortable working remotely?
The reality, however, is that the pandemic has represented a significant challenge for cybersecurity pros. Though we are used to addressing the technological challenges of remote work, a full lockdown has introduced a host of very human challenges into management of the technology.
Those just getting started in cybersecurity or considering a career in the field may be wondering – how much does the pandemic-era incarnation of the profession resemble how it looked before, and how will it look when the dust settles?
Let’s take a look at how the pandemic-era remote cybersecurity experience differs for pros from the systems administrator to the CISO, to get a feel for what it might look like if and when we can slowly and safely return to the office.
Life in the Decentralized SOC
In cybersecurity, as in all areas of computing, more is accomplished virtually than ever before. The security operations center (SOC) has long consisted of a dispersed crew of cybersecurity pros working apart from the infrastructure and applications they secure. Well before this most recent expansion of working from home, cybersecurity staff were completing business-critical tasks from outside the office, such as:
- Pushing patches to remote systems rather than to machines in the same physical space
- Securing cloud and hybrid cloud systems in accordance with shared responsibility guidelines
- Using penetration testing tools to reveal vulnerabilities in networks and applications
- Architecting networks and solutions to minimize the risks of data theft or misuse
- Controlling access privileges
While such foundational responsibilities have remained the same, some tasks have gotten more complicated in the last year, such as:
- Monitoring network usage and watching for irregularities that might indicate a data breach: With so many users going straight to the internet rather than using corporate networks, this has become difficult.
- Remediating damage in the event of data breaches: In an all-remote environment, cybersecurity teams can’t always be certain that employees are reporting data breaches or other suspicious network security-related events.
- Asset management: Keeping an inventory of hardware and software, and making sure everything is up to date and configured correctly, is difficult when there is no central location for a configuration management database’s (CMDB’s) source of truth. With so many people using their own workstations from home, a lot of technology is not in the CMDB at all. Preventing data leakage becomes difficult when users are communicating via outside social applications, as does monitoring for people clicking through malicious content.
Strategic priorities in the field also shifted as an unprecedented computing landscape introduced unprecedented challenges. Prior to the pandemic, cybersecurity teams staunchly subscribed to a “you’re only as secure as your weakest link” mantra. With this came consideration for all domains within the cybersecurity realm: application, data, network and infrastructure, to name a few. These are not any less important, but one particular responsibility has eclipsed these critical functions during the pandemic (in terms of business stakeholder visibility): maintaining consistent, secure network availability.
Cybersecurity from Home vs. Cybersecurity Now
While for some cybersecurity pros having to – or being able to – work from home is a godsend, not everyone enjoys it. Distractions from family or noisy neighbors, dogs barking or less-than-effective home office environments can make things more taxing.
Under our current circumstances, employees and management often see each other only as names on screens rather than as real three-dimensional human beings. For those in the upper levels of cybersecurity, that makes management of teams more difficult. Threat modeling and whiteboarding are now carried out in Zoom meetings – but an important collaborative element is lost.
And that ever-important concept of work-life balance, often discussed before the pandemic, tends to tilt all the way toward work. Even for those who love working from home, the current scenario is different; with no coffee shops to work in and no casual socializing possible, we are not just working from home but working in isolation.
These conditions could very well be one of many factors converging at scale to make the enterprise world’s cybersecurity posture overall more tenuous. The good news is, with CompTIA’s industry standard-setting certifications, dedicated cybersecurity professionals can always rise to the occasion.
CompTIA: Cybersecurity Skills for Every Way of Working
The CompTIA Cybersecurity Career Pathway helps IT pros achieve cybersecurity mastery, from beginning to end – at home or on-premises. From entry-level to intermediate and advanced, these cybersecurity certifications prove to employers that you are the best candidate for the job and have the skills needed to protect the organization from cyberattacks and threats.
- Entry Level: CompTIA Security+ establishes the foundational knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs.
- Intermediate Level: CompTIA Cybersecurity Analyst (CySA+) and CompTIA PenTest+ are the next steps in the cybersecurity career pathway. CompTIA CySA+ focuses on defense through incident detection and response, and CompTIA PenTest+ focuses on offense through penetration testing and vulnerability assessment.
- Advanced Level: CompTIA Advanced Cybersecurity Practitioner (CASP+) is intended for those who wish to remain immersed in hands-on enterprise security, incident response and architecture – as opposed to strictly managing cybersecurity policy and frameworks.
Is a CompTIA cybersecurity certification right for you? Learn more about the topics covered and start studying by downloading the exam objectives for free.
Working in today’s cybersecurity world may demand working in ways unimaginable just a year ago. Tomorrow’s world may call for focusing on different skills that take precedence in the face of new challenges. Regardless of what the cybersecurity workplace demands, now and in the future, CompTIA certifications confer and validate the knowledge it takes to do the job well, and denote the professionalism required to handle it under any circumstances.