The early phases of the COVID-19 pandemic had a positive impact on the cybersecurity profession, raising the profile of chief information security officers and others within their organizations, and giving them a new sense that their work and expertise were appreciated.
“The overall implication will be that cybersecurity is valued at a higher level and has a better voice within the overall organization,” said one CISO.
While the study, developed by CRA Business Intelligence and published in summer 2020, offered other more sobering perspectives on the profession at peak pandemic — including elevated levels of stress and burnout — it stands also as a powerful reminder of cybersecurity professionals emerging role as the business world’s quintessential crisis managers. The full report can be found here.
In the weeks after COVID-19 was declared a pandemic in the U.S., a consensus quickly emerged that the outbreak had significantly raised the global community’s cyber risk profile — by forcing a massive shift to less-secure home-based workforces, sparking a rise in exploits that preyed on pandemic-related fears and emotions, and expanding attack surfaces in sectors like healthcare, banking and food distribution.
CRA’s research looked beyond the pandemic threat landscape, focusing instead on its many significant implications for cybersecurity as a profession and organizational function. And it offered recommendations to security professionals hoping to seize the moment.
The study, “The Pandemic as Catalyst for Change,” is based on a survey of some 280 cybersecurity professionals, completed in June 2020. Respondents, 77% of whom were located in North America, represent a cross-section of the profession, including large (49%), medium (29%) and small companies (23%), and a broad selection of industries, such as IT/technology, services, financial services, education, government, manufacturing and healthcare. It also analyzes cybersecurity strategies by industry and examines how organizations’ pre-pandemic security stances affected their responses and outcomes.
The report’s key findings include:
- Cyber professionals say they are newly appreciated and valued by their organizations owing to their work in the pandemic — countering the profession’s long-held sense of its marginalization, and even disregard, by leaders and others in their organizations.
Source: SC Media