Time To Outsource Security?

Remote working has added vulnerabilities to the already difficult problems of company-wide security cultures.  Research shows a huge increase in the number of phishing emails, frequently using Coronavirus-related themes including headings like ‘revised vacation and sick time policy’ or ‘important message from HR’. Many workers are now a step removed from the reach of those responsible for in-house information security, usually the Chief Information Security Officers, and the protocols they monitor, which range from regulatory and legal compliance to staff training and breach notification. An article in Security Boulevard calls this situation an opportunity for positive change, and suggests asking if the CISO actually needs to be resident inside the physical premises of an organization. Virtual CISO teams that work remotely can be used in an advisory role to the resident CISO, or their role can be expanded to perform the entire function. They are likely to cost significantly less than the traditional model, while delivering a service which is ideally suited to remote working.