Don’t be the department of ‘No’…:
[…] On the one hand, there are old-fashioned companies obsessed with absenteeism that never bothered to install the right technology to allow for their employees to work from home, because they never conceived of them doing so, and that now find themselves lacking the protocols, practices and tools needed to provide minimally secure channels.
Then there are organizations with paranoid IT managers who have implemented practices that were never intended to enable working from home, and who are now discovering in the new context created by the pandemic that their policies largely prevent employees from connecting to their systems
All the signs are that the pandemic will change to varying degrees the way we work: many of the practices being imposed in organizations as part of the security measures needed to combat the spread of the pandemic will likely remain in place after it has been brought under control.
Which prompts the question: what qualities are required of corporate IT security managers? To begin with, given that we are talking about a constantly changing environment, they must be up to speed regarding the many threats to their systems and the tools potential attackers could use, along with the skills needed to understand these threats and deal with them. As things stand, the sad truth is that the majority of security managers lack even the essential skills required for the job.