How should business and educational organizations, in particular, deal with work-from-home and home-based learning arrangements to mitigate the risks?
Singleton: Organizations need to ensure that security is at the heart of all their digitalization efforts. They need to invest in a robust cybersecurity infrastructure that will give them visibility of the users, devices, and the corporate applications and data they are accessing. Fortunately, as businesses embrace a hybrid workplace, cybersecurity now tops corporate priorities.
According to our Future of Secure Remote Work report, 85% of APAC organizations now say cybersecurity is important or more important than ever before. Cisco continues to actively monitor global traffic trends and usage worldwide, and has a proactive plan to support our customers with their changing needs.
Further education and a culture change are also crucial for organizations to strengthen their security infrastructure and adapt to the evolving cyber landscape. Our same report revealed that the lack of awareness and having too many tools or solutions to manage are top obstacles for APAC organizations when it comes to enforcing cybersecurity protocols. Users need to be vigilant, and organizations should ensure that they use multi-factor authentication, such as Duo, on top of using username and passwords to authenticate users before they are granted access.
Retraining and upskilling programs are also crucial to equip employees with basic cybersecurity skills and educate them about the common threats that plague us today. By raising employee awareness on cybersecurity protocols and simplifying the whole process, organizations can better protect themselves against these threats and ensure smooth, secure operations in a hybrid work environment.
Aside from businesses, educational institutions also need to manage the risks amid a remote learning environment while maintaining an ideal student experience, engagement and retention. Users are leveraging their own devices, such as smartphones and tablets, to connect to applications and networks.
With lessons conducted virtually, concerns surrounding the privacy of remote platforms and tools have risen. Collaboration tools must ensure security and privacy – there should never be a trade-off for convenience and simplicity.
With more than 3,500 security solution providers available, how should organizations deal with the complexity of security architecture and simplify the delivery of end-to-end security?
Singleton: Cybersecurity has historically been overly complex, with the constantly changing application environments, coupled with having multiple tools and solutions from a variety of providers. Organizations should opt for a simple, integrated approach that will address the cybersecurity challenges we face today. It is crucial to have complete visibility across the endpoint, users and applications to quickly implement policies and secure control points.
One of the best ways for organizations to simplify security is to adopt a Zero Trust approach which looks at security in three key areas — workforce, workload and workplace.
- Workforce: Protect users and their devices against stolen credentials, phishing, and other identity-based attacks. This can be done by using tools such as multi factor authentication to ensure the right user and device are accessing any network
- Workload: Protecting the flow of information across your network, right from your data centers to the cloud and to end-points
- Workplace: Ensuring that the office network if adequately protected so that IT teams are able to gain insights into users and devices, identify threats and maintain control over all connections in the network
At the same time, organizations need a platform approach to simplify their security across the network. At Cisco, we launched SecureX last year which connects the breadth of Cisco’s integrated security portfolio with customers’ entire security infrastructure for a consistent and simplified experience. It provides the IT and security team with visibility of security issues across their entire network in one dashboard, enables automation, and strengthens the security across network, endpoints, cloud, and applications.
Finally, organizations should also begin on their SASE journey to integrate multiple security and networking functions into one single enhanced offer to secure today’s distributed workforce that is connecting remotely and through the cloud.
There are 2.8 million cyber professionals in the world and 4 million unfilled jobs at the same time. How can we effectively bridge this talent gap?
Singleton: Continuous upskilling and retraining of talent serve as a key approach in bridging this talent gap. Cisco’s Accelerating Digital Agility Research revealed that over half (54%) of APJC Chief Information Officers (CIOs) and IT Decision Makers are upskilling talent within the next 12 months, higher than the global average of 46%. 52% of them are also investing in talent in new areas.
Beyond addressing the current skills gap, investments in training also help drive employee engagement and persuade talent to join a company – both critical factors in a competitive market.
In addition, every IT organization, and in fact, every department, has a set of skills and roles that are in decline, and a set that are in demand. Employers should aim to align those with declining roles against their most suitable open requisitions and prepare them to transition to a new role with higher value-add.
On top of upskilling and retraining talent, organizations should look into emerging technologies like Artificial Intelligence and Machine Learning to address the talent gap. By employing the right technology, manual tasks can be largely eliminated, giving employees the freedom to take on more value-adding, meaningful tasks.
In the hybrid future of work, the skills that are in demand will continue to evolve, and we foresee that increased automation will continue to shape the skills and talent landscape.