The Key to Achieving a Well-Managed Approach to Security

managing risk and security

Canadian organizations are no strangers to cyberattacks, and COVID-19 has only served to introduce new vulnerabilities due to the sudden work from home orders on networks. Organizations have been pushed to rapidly digitize while protecting their financial position and ensuring business continuity – joint realities which can have severe implications on network security. Security discussions from a risk perspective need to be a priority as the remote workforce has a long-term horizon. Additionally, striking the balance between implementation and analysis is also key to mitigating risk and avoiding potential exposure.

Based on trends we’ve seen in recent months, here are some tips for organizations to achieve a well-managed approach to security.

Integrate an endpoint detection response

Home routers tend to be much less secure than corporate networks, which means organizations need to have improved endpoint detection response (EDR) for both corporate and personal devices. When we conducted our 2020 security study, Cyber Resilience: An Evolving Perspective, 70 percent of respondents indicated they haven’t integrated any EDR solution into their business. With the sharp increase of phones, laptops and IoT devices relying on remote networks, in-depth and ongoing evaluations of an organization’s approach to security is necessary to limit exposure as much as possible.

Invest in security to stimulate innovation and growth

Historically, we’ve seen industries that are highly-valuable to bad actors, such as financial services, embrace proactive security measures more effectively than others.But any organization ultimately has data that needs to be protected, so organizations in every industry should be taking the same approach in order to mitigate risk. The key is to view security through an enabler rather than inhibitor lens, as effective security measures can contribute to an organization’s innovation and growth rather than be a hindrance.

The consumption of cloud services, for example, is a hot topic of discussion given the remote landscape. However, organizations must take a holistic approach to integrating new technologies that include security planning and employee training in order to extract the true value of these services and mitigate future risk.

Embrace AI and ML tools

Artificial intelligence (AI) and machine learning (ML) are poised to change how we do business on a day-to-day basis, highlighting beneficial opportunities for both large and small organizations. One key function of these tools is to help with cybersecurity analysis or security orchestration, automation, and response (SOAR). If set up and monitored properly, these tools can significantly increase cybersecurity effectiveness and will continue to be of value as technology evolves.

Prioritizing data loss prevention

Unfortunately for many organizations, the rapid shift to a remote workforce has had a negative impact on their cybersecurity planning. With employees requiring access to data from different networks and connections, organizations are now scrambling to streamline and understand how and where corporate data is being accessed and stored. As such, we are seeing an increase in data loss prevention (DLP) discussions taking place as more organizations are seeing the importance of maintaining secure data centres, whether on-premise or cloud-based.

Maintain perpetual focus on security

In the inevitable event of a cyberincident, many organizations are laser focused on restoring normal business operations as quickly as possible. Once this is accomplished, however, that same level of scrutiny is lost – often preventing organizations from taking the critical steps of identifying, resolving and testing against an incident’s root cause. Implementing policies that view security merely as a technology or toolset-first approach only serves to solve point-in-time challenges.

Manage organizational roadblocks

Operational disruption and economic uncertainty due to COVID-19 continue to be the shared experience of many Canadian organizations. As a result, stakeholders can be hesitant to move forward with projects that introduce further change and require additional budget – including maintained or increased investment in cybersecurity.

It’s important to remember that having manageable, flexible and proactive security measures in place contributes to smooth operations and keeps costs down in the long run by preventing attacks before they have a chance to occur. Organizations should see this period of disruption as an opportunity to embrace next-generation technology that sets them up for long-term success, rather than deferring to the status quo and renewing stale technologies.

With decades of experience, CDW can objectively assess your organization’s cybersecurity practices and create a strategy that helps you predict, prevent and quickly respond to evolving cyberattacks. To learn more, visit