An Interview with Everbridge CSO Tracy Reinhold:
The pandemic undeniably accelerated trends towards hybrid and remote work. While these methods of working offer flexibility to employees, they also mean additional security challenges for Chief Security Officers (CSOs) and their teams.
Today’s security professionals must help their organizations fulfill their duty of care by safeguarding remote employees and field service workers (as well as those traveling on business) against emerging digital and physical threats ranging from ransomware to severe weather events. In many cases, the security teams themselves are spread out across various locations.
To build enterprise resilience against threats, a growing number of savvy organizations use digital transformation to prepare for evolving work trends and thrive. Everbridge CSO Tracy Reinhold offers advice and insights for how security leaders can mitigate threats, protect their people, and drive organizational success.
This interview originally appeared on Everbridge.com and is reprinted here with permission.
Q: The pandemic accelerated new work trends. Which present the biggest challenges for CSOs and their teams?
Tracy Reinhold: I think one of the biggest challenges is the new hybrid workforce, which complicates the idea of duty of care for CSOs. In the past, it’s been very simple because we’ve all been centrally located at an office facility. Now, with workers being more remote and this hybrid model, we still have a responsibility to take care of our employees and ensure that they’re aware of potential threats and vulnerabilities, whether they’re in our office or working at a remote location.
Q: What specific challenges do these new work trends present?
Reinhold: There’s a loss of identity with an organization when you are not physically present, elevating the insider threat picture for organizations. Insider threats are individuals who have access and availability for trade secrets, company secrets, and those sorts of things. In the past, there were key indicators that would be indicative of people engaged in insider threat activity: logging onto your computer at odd times, working odd hours, etc. All those dynamics have changed because of the very nature of the hybrid workforce. We no longer care if they work in the middle of the day, middle of the night, which complicates the idea of identifying insider threat activity. Security professionals need to be more vigilant, and they need to rely on technology to ensure that the insider threat issue is addressed.
Q: Do you see duty of care evolving for companies with field service workers? If so, how?
Reinhold: Yes. Individuals who are routinely remote away, like field service workers, could be in conditions that are not ideal. Duty of care requires the ability for two-way communication between the remote worker and the corporate security team. If you are a remote worker and you are addressing an issue that could put you potentially in harm’s way, it’s important to be able to have a platform like Everbridge’s that allows you to put together a safety quarter where you can check in routinely and routinely tracks your progress. This allows you to have some semblance of connectivity with the company and allows the company to determine whether you need assistance and assess response to an issue that you’ve identified.
Q: Ransomware and other security threats are on the rise around the world. What can security leaders do to better mitigate these threats and protect their people and assets?
Reinhold: Digital security threats, including ransomware and malware attacks, are very, very prevalent these days. One of the challenges is that organizations have failed to do the basic blocking and tackling. First and foremost, a good key to preventing ransomware and other malicious entries from a cybersecurity perspective is to ensure that your software is up to date with the latest patches and that you have updated all your malware. I look at it like the security system sign in your yard: it makes the bad guy go to the next house. By doing the basic blocking and tackling in the cyber warfare space, we make it a less attractive target for the adversary than somebody that hasn’t.
Q: What are some best practices for responding to a digital security threat? How does this differ or not from the response to a physical security threat?
Reinhold: The convergence of digital and physical security is the best way to provide that 360-degree protective envelope around your organization or business. Traditionally, digital security is responsible for a certain part of the organization and physical security is responsible for another part. When those two are segregated like that, there’s a gap in the center and that gap is where risk and vulnerability live, because we always think it’s somebody else’s responsibility. While there are different mechanical issues dealing with cyber and physical security, the idea of the two of them converging together is how you mitigate the most risk.
Q: How can security professionals be more confident that their workforce is prepared for various security threats?
Reinhold: When you’re thinking about being confident in your workforce, one of the things to consider is conducting exercises with your employees to ensure that they’re prepared. It could be something as simple as an evacuation drill, or it could be something as complicated as a major disruption to a data center. Practicing those types of things in real-life and involving real-life employees allows you to be better prepared to address unexpected business disruptions. Remember, you play like you practice. If you’ve never practiced, then you’re not going to play well. Reinforcing the basics is incredibly important to ensure the effectiveness and the understanding of your security organization for the entire company.
Q: How can Critical Event Management (CEM) address evolving work trends?
Reinhold: Critical Event Management creates an environment that allows an organization to respond quickly and effectively to a business disruption. What I like about critical event management is that it is not threat or vulnerability specific. Whether it’s a cyber disruption, a terrorist disruption, a weather disruption, or an IT disruption, all those things impact a company’s ability to maintain an operational tempo that leads to success. Shortening the recovery time, ideally identifying threats on the front end before they manifest, and being able to recover from it quickly, puts you a better competitive position against one of your other companies in the same space. In that way, CEM is an ongoing process that never really ends and is not specific to it as an individual incident. It’s rather a mindset and the leveraging of technology to ensure that your company is positioned to be competitive into the future.
Q: How do you see the role of security professionals changing going forward?
Reinhold: The pandemic has accelerated the acceptance of technology and the utilization of technology, including to better protect our employees. CSOs and security directors have had to embrace technology where some of them in the past have been a bit reluctant. It’s also important to think about relevance. Technology evolves, meaning it has a shelf life; thus, the idea that you know enough is erroneous. Always be learning, always be thinking and always be strategic. We can hire subject matter expertise, whether it is physical or digital, but a security leader must understand the value that security brings to the business. And, in order to do that, they have to be a student of that business. Being a student of the business means understanding what the critical capabilities are and what’s important to the company to better protect them. It’s not enough to myopically look at security procedures. You have to look at how they impact the organizations’ ability to perform effectively and efficiently. Building your entire security apparatus around those critical capabilities is how you transform a security organization from a cost center to a value center.
About Tracy Reinhold
Tracy Reinhold is Chief Security Officer at Everbridge. He is responsible for advancing Everbridge’s enterprise-level security strategy, as well as working closely with customers and partners to optimize their organizational approach to managing and responding to critical events.