As an auditor information security management systems and IT service management systems, I have witnessed a lot of change in the last three years. However, there is an immeasurable paradigm shift that has taken place in the market since the COVID pandemic has disrupted the way the world works.
Much like buying books shifted when the internet offered Amazon, the COVID marketplace and industry shifted from brick and mortar business to remote laptop connectivity from a couch or a kitchen table almost overnight. People began telecommuting in slippers and bathrobes, and productivity seemed to soar to new heights.
Entire corporations who had always stressed face-to-face work environments have relaxed the control of cubicle monitoring and empowered their workforce with company-provided equipment to work remotely. 2022 will be the year to determine what will be the balance between pre-pandemic work environments, and the new normal of empowered associates working remotely.
Our new normal means that risks are no longer limited to commonly recognized sources such as cybercriminals, malware, or even targeted attacks. Moving to a secure remote work environment, without a resilience plan in place that does not include cyber resilience increases an organization’s risk. Before COVID, we knew that while a majority of firms have a disaster recovery plan on paper, nearly a quarter never test that, and only 42 percent of global executives are confident their organization could recover from a major cyber event without it affecting their business.