The deluge of change brought on by the pandemic may seem like an anomaly, but varying levels of change happen every day. Some adaptations and evolutions we can prepare for, while others—like the pandemic—come without warning. Yet despite the uncertainty and stress that many of us felt (and may still feel) amid all of the unexpected instability, there have been positive outcomes as well. The pandemic acted as a catalyst for rapid innovation, including much-needed COVID vaccines and digital solutions that brought teams together virtually.
Research organizations and educational institutions were forced to adopt new methodologies and learn new ways of connecting, collaborating, and researching. As the world moved online, new opportunities were exposed and pre-conceived notions of impaired productivity outside of the traditional four walls of work and school were challenged and ultimately debunked.
However, the digital shift also exposed new challenges and vulnerabilities that many organizations had to rapidly identify and address. Brian Littlefair, CEO at Cambridge Cyber Advisors, and Richard Forrest, SVP of Global Operations at Cayuse recently sat down to discuss the evolving security landscape and how institutions and organizations can protect their data in a virtual or hybrid environment.
Security challenges due to shifting needs and environments
IT teams were faced with quickly provisioning tools and technologies to help employees work effectively from home or other remote locations. They also had a new challenge of securing company systems that may have previously been secured behind on-prem firewalls or other security measures.
“I think it’s a fairly unique time from a security perspective because not only have we had a pandemic, we’re actually experiencing (or have experienced) the highest level of security attacks that we’ve ever seen,” shared Brian Littlefair, CEO at Cambridge Cyber Advisors.
In fact, according to Deloitte, “prior to the pandemic, about 20% of cyberattacks used previously unseen malware or methods. During the pandemic, the proportion has risen to 35%.” It’s clear that cybersecurity risks have increased as cyber criminals aim to take advantage of a global society’s reliance on digital technologies.
Understanding the increased threat to cyberattacks, especially in academia, should put a renewed sense of urgency and perspective on risk and the approaches we take to protect our data. As a research and educational community, everyone is working on something of value. Some datasets and projects may seem obvious as sensitive and valuable information (e.g., patient data, human research projects), while others may not be immediately obvious. The truth is, it may not be immediately clear what data a cybercriminal may be after and for what reason. The goal, then, should be to mitigate risk and protect all data.
Most organizations have a business continuity and disaster recovery plan. Traditionally, this has entailed strategies and technologies that enabled a sub-section of the workforce to conduct their specific functions remotely. However, these plans typically did not take into account a situation, like the pandemic, that would require their entire workforce or student body to work remotely. Further, video conferencing, remote collaborative workspaces, and other solutions rapidly consumed bandwidth and slowed down the network overall. This added another layer of complexity and challenge that many were simply unprepared to address, but forced to adapt and accommodate in rapid fashion.
Additionally, many organizations relied heavily on paper-based processes prior to this wave of digital transformation. These processes restricted researchers’ ability to effectively conduct research, apply for grants, and share information, particularly when colleagues were dispersed in varying locations. Ensuring security in this new digital process has risen in priority.
“We are following a security principle . . . it’s really about the risk management of running research programs, and bringing security into that process has been a big focus,” added Richard Forrest, SVP of Global Operations at Cayuse.
Data protection strategies for today’s institutions
To address the needs and challenges amid a worldwide digital transformation, many institutions focused on cloud-first technologies that would reduce the load on the institution’s bandwidth, improve speed, maximize storage, and enhance accessibility.
By leveraging a cloud-first technology vendor, like Cayuse, to help manage and protect data, organizations and institutions can focus on their core strengths (e.g., research) and allow the vendor to do the same (data protection, storage, and accessibility). This allows both parties to perform at optimal levels and reduce risk across all functions.
“It simply makes business sense and economic sense as well,” added Littlefair.
Protecting research data has expanded from simply backing up the information on a network server to also including an off-network backup that is impermeable to cyberattack. As cyber criminals become more sophisticated in their attacks, it’s increasingly important for organizations to secure their research data “off site” or in the cloud.
Ultimately, to ensure data protection and reduce security risks, it’s important for institutions to look at their holistic strategy to identify siloes or disconnected processes and systems. Then, explore solutions that can help streamline those processes and shore up data security.
At Cayuse, we are committed to security, availability, and privacy. We recognize that billions of dollars’ worth of research is managed through Cayuse, which is a huge responsibility. That’s why we have focused on delivering a solution that combines industry-leading cloud technology and unrivaled security services and infrastructure with highly trained and experienced staff who adhere to strict industry standards. Protecting your data at every stage of the research lifecycle is of paramount importance to us, and we take the actions necessary to prove it.
