During the last nine months, the pandemic has forced organisations into a remote environment, which in itself exposed vulnerabilities within an organisation’s network and uncovered holes in employee cybersecurity protocol. And for cybercriminals, they took advantage of the turbulence ensued by the crisis as phishing and malware attacks saw a steep incline. In fact, we tracked just over 8.8 million COVID-19 related threats globally – nearly 92 per cent of which were spam delivered via emails.

But as we move into this ‘new normal’ of 2021, what does all of this mean for cybersecurity leaders and CISO’s, and what do they need to focus on to continue successfully fighting on the front line?

Take time to re-set, but don’t take your eye off the ball

As we move into a new year and the dust starts to settle, now is the time for a CISO to take stock and re-set their cybersecurity strategy for the future.

This will involve accounting for increased threats, as many organisations continue to work from home, through a mixture of protecting remote endpoints, cloud systems, user credentials and VPN systems, as well as refreshing training courses to turn that newly dispersed workforce into a more effective first line of defence. Although the number of detected ransomware threats decreased, Trend Micro saw a 36 per cent increase in new ransomware families compared to the same time last year – so while it’s important to take a moment of reflection and learning, its also a time to not take your eye off the ball.

Maintain the boardroom influence

Challenges this year have reinforced the need for cybersecurity to be on the agenda of business leaders, particularly as the pandemic forced Australian organisations to reconsider how and where they work. However, as many business leaders begin to move into the recovery phase, it’s important that cybersecurity continues to stay on the c-suite agenda.

Cybersecurity leaders can do this by showcasing an understanding of the overall business strategy and the role cybersecurity plays in it, by building trust with leadership, and understanding the unique risks faced by individual business units. By coming to the table in the new year with a vision, mission and strategy for cybersecurity, the board will continue to see the value, return on investment, and ultimately how cybersecurity needs to continue to be a priority in the new normal.

Skills, skills, skills

‘Skills’ has probably been one of the most discussed areas of the cybersecurity industry over the years. And, with COVID-19 shining a brighter light on the need for an organisation to be resilient to cybercriminals, the skills gap has never been more evident. This gap isn’t set to be shrinking anytime soon, but the best way to navigate this in a cybersecurity team is in upskilling, training and nurturing young professionals that have the passion and initiative needed for the role. It won’t be an overnight fix, but putting the time into upskilling employees will be the best investment you can make to prepare for 2021 and beyond.

Collaboration is key

Finally – I’ve said it before, and I’ll say it again – the success of the industry comes down to the support and collaboration within the network in which we operate. As a community, now more than ever we need to focus on transparency and an increased desire to do better in the future and help others along the way.

Taking the learnings of this year, no organisation can operate or survive within a vacuum, so leaders must make the conscious effort to share, collaborate and support one another to build a united frontline against the inevitable unknowns yet to come.

Ashley Watkins is Managing Director, Commercial, Trend Micro ANZ