Necessary Boardroom Conversations: Doubling Down on Secure Digital Transformation Strategies in the Time of a Global Pandemic

Necessary Boardroom Conversations: Doubling Down on Secure Digital Transformation Strategies in the Time of a Global Pandemic
5 minute read

Enterprise organizations around the globe have been progressing their strategic digital transformation initiatives for years at an accelerated pace and 2020 was forecasted to be much the same. For many organizations, 2020 kicked off with a focus on leveraging digital experiences to improve engagement with employees, enhance connections with customers, optimize supply chains, and accelerate the delivery of products and services. While transformation continued apace, adoption of a comprehensive digital strategy for product and service delivery has been slowed by generational and socio-economic adoption curves, and employee dependence on digital engagement for work has gained prominence almost entirely in segments with large remote workforces. 

Then we entered February of 2020 and the world began to feel the impacts of a massive global health crisis that seemed poised to disrupt all organizational guidance and strategic plans. For many, the COVID-19 pandemic reset plans before the first board meeting of the year. One major theme coming from these reset plans is that organization’s of all sizes have dramatically accelerated the need for digital transformation and at the same time emphasized the need for brands to establish stronger digital trust. The pandemic has influenced changes in how people work from home, live (e-learning, telemedicine, and eCommerce) and receive relevant, accurate information on brands they purchase from and follow. Now, every brand is working to respond with strong measures to establish digital credibility and trust with customers, partners, and employees.

Cyber resiliency of organizations worldwide is being tested in a new way with nearly 100% work-from-home (WFH) across every sector. With distracted, stressed, and anxious workers attempting to WFH in lockdown and quarantine settings every day, formerly cautious workers may slip up. They may fall for phishing attempts, inadvertently disclose confidential info, or generally be susceptible to exploit more often as they try to help themselves and their families stay safe and healthy. 

As Coronavirus spreads globally, thousands of new domains are being registered with names containing keywords related to healthcare or Coronavirus specifically. Scammers are realizing viral gains by leveraging social media platforms and marketplaces as opposed to merely spamming entire populations via email. After a flurry of negative press around the increased activities of these scammers, Facebook Marketplace has begun to crack down on ads for ‘essential’ healthcare goods. Amazon has taken a similar approach, removing such listings where the price has been inflated much higher than normal because of COVID-19. Although social platforms and marketplaces have taken significant action regarding the takedown of these unscrupulous offerings, fraud still abounds as scammers get creative to avoid removal. An organization’s cyber resilience must be hardened to ensure that the weakest link — humans (that are now 100% remote!) —- don’t further put the organization at risk of compromise. 

Not only are individuals more vulnerable around the information they consume, but as an organization, all marketing dollars are having to be reallocated to digital and online-only capabilities for the foreseeable future. This acceleration of our collective digital transformation efforts is demonstrated by Zoom user growth, progressive high-profile Zoom examples over the last few months, and digital marketing spend.

Since individuals and businesses are interacting with each other exclusively digitally today, it is now imperative that organizational digital trust is unyielding. Individuals, regardless of geography, are being targeted in similar ways - for example, by malicious and insecure mobile apps putting their personal information at risk. Attacks like this make it even easier for an attacker to impersonate or take advantage of individuals, the organizations they work for, or those they interact with on digital platforms. As a policy, organizations should ensure that all their engagement efforts - from marketing to HR to customer support - are not being impersonated or mimicked elsewhere (other platforms or websites). A singular and cohesive voice and online brand for your entire ecosystem has never been more important, as that is the only way people can engage with your organization. To do this well, you may need to change how you engage and advertise your efforts on your website and other digital platforms so that your organization and customers are secure.

As we continue to WFH in the coming months as the pandemic continues to unfold across the world, we’ll have to tackle the challenge of virtual interactions at scale across industries. Securing and enabling engagement has always been a balancing act. Now that all of our engagement is online, the scales have been tipped. The veracity of identities and authenticity of engagements is paramount to ensuring secure spaces for trusted interactions and initiatives. As organizations and industries figure out how to host meaningful and secure meetings and events for both their internal and external audiences, each will have to tackle what elements of identity and authentic engagement matter to their communities. Protecting your publicly accessible attack surface, by providing comprehensive and continuous visibility into all digital threats and remediating as soon as they arise, is key to operating safely in our new digital-first world.

This crisis immediately focuses our attention onto the components that make up an individual’s and an organization’s digital footprint. There are various technical capabilities to choose from that secure an individual’s and organization’s digital footprint - encryption, 2FA, passwords, biometrics, and more. However, in addition to securing your owned components for yourself and your organization, you also now have to think about the fraudulent versions of your organization and people that may propagate without your knowledge because of our paradigm shift to 100% digital and remote. Especially now, as we embrace digital exchange in our personal and professional lives, organizations must accelerate corresponding security protections to discourage bad actors who are prepared to take full advantage of these uncertain times.

See ZeroFox in action