https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2022 Winter Showcase
    • IWCE 2023 Pre-event Guide
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2023 Pre-event Guide
    • IWCE 2022 Winter Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

When will security frameworks catch up with the new cybersecurity normal?

When will security frameworks catch up with the new cybersecurity normal?

  • Written by Tony Howlett / Dark Reading
  • 29th November 2021

Now that the system shock to IT systems and organizations from the pandemic (not to mention the horrible human toll) has started to ease up, we’re seeing the emergence of a whole new landscape for cybersecurity. Before last year, most organizations relied mostly on an in-person workforce in company-owned or leased buildings, with remote work reserved for contractors or traveling execs and salespeople.

Then along came a global pandemic that, among other things, made working face-to-face a real danger. Many companies had to switch their entire workforces over to working from home, literally overnight. As terrible as it was, one silver lining of the pandemic is that it may have been the dam-breaking event that makes widespread work-from-home the new standard.

However, the pandemic has also accelerated the disparity between large cybersecurity frameworks like ISO 27001 and the NIST Cybersecurity Framework and the reality of most modern organizations, even ones that haven’t gone 100% virtual. This has been happening for years, but as the gaps widen between the security standards we have to follow and the actual security challenges on the ground, the frameworks are going to have to become more agile or risk becoming standards that cost a lot of money to comply with but have little to no effect on actual security.

For example, risk assessments are a big part of these regimens and often serve as the starting point for aligning your organization’s security efforts to the risks facing the business. Much of NIST’s and ISO’s recommended risk assessments focus on physical threats to locations. For instance, an entire section of NIST — the Physical and Environmental Protection (PE) controls, with 23 items — is dedicated to this area.

This made sense when everyone worked in a company office. However, with many companies adopting distributed workforces, localized disasters now have a much smaller potential impact on a company’s operations. Larger disasters like pandemics, which were once thought to be outside edge cases that needed minimal remediation and controls, have been shown to be much more impactful and likely than we thought before. New versions of the security frameworks need to recognize this, possibly by having different risk-assessment tools for companies with largely remote workforces.

Alternate processing sites are covered in the security frameworks. But for many cloud-native companies, this simply means another region or zone of a cloud provider, or even an alternate cloud provider. These arrangements are far more flexible, powerful, and cost effective than true physical hot sites ever were, and they can be set up with a couple clicks of a mouse. Even companies that still own physical data center infrastructure often use the cloud as their backup. The days of massive, company-owned alternate sites are waning, and security frameworks and regulations should be updated to recognize that.

To read the complete article, visit Dark Reading.

 

Tags: Alerting Systems Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Incident Command/Situational Awareness News NIST/PSCR Policy Public Safety Security Software Standards State & Local Government System Design System Operation Test & Measurement Tracking, Monitoring & Control Partner content

Most Recent


  • How AT&T won DFW Airport's $10 million private 5G business
    According to Mike Youngs, it all started with the bathrooms at Dallas Fort Worth (DFW) International Airport. Youngs, the airport’s VP for IT, wanted to use wireless technology to reduce crowding in restroom lines during the COVID-19 pandemic. His team installed sensors and lights above stalls and monitors outside restrooms to let people know when […]
  • Russia's war in Ukraine shows cyberattacks can be war crimes
    Russia’s cyberattacks against Ukrainian civilian and critical infrastructure has shown what it looks like when cyberattacks are part of warfare. What remains to be seen is whether the world will treat them as war crimes. “For too long, the world has been considering cyber terrorism as something unrealistic, too sci-fi-ish, and cyber weapons as not […]
  • FCC grants 700 MHz Band 14 license renewal to FirstNet Authority
    An FCC bureau yesterday renewed the FirstNet Authority’s spectrum license into at least 2027, allowing the nationwide public-safety broadband network (NPSBN) to continue operating over the 700 MHz Band 14 airwaves—a key component of the FirstNet Authority’s 25-year agreement with contractor AT&T. Approved by the FCC Public Safety and Homeland Security Bureau (PSHSB), the license […]
  • How vehicle insurance and autonomy intertwined
    In early 2023 Oxbotica claimed at an event, which was held at Lloyd’s of London about the Future of Autonomy that insurance and autonomy are intertwined. At the event, Sam Tiltman, sharing economy and mobility leader for the UK & Ireland at Marsh, claimed that the combined impact of Mobility-as-a-Service (MaaS), electric vehicles and automation is huge. […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Military vets share lessons that helped them build infosec startups
  • Ericsson's $6.2 billion Vonage deal has befuddled investors – no wonder
  • MTA police leverages P25, LTE to maximize interoperable communications throughout jurisdiction
  • Local leaders laud spending initiatives, highlight challenges at National League of Cities’ annual summit

Commentary


Updated: How ‘sidelink’ peer-to-peer communications can enhance public-safety operations

  • 1
27th February 2023

NG911 needed to secure our communities and nation

24th February 2023

How 5G is making cities safer, smarter, and more efficient

26th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

How AT&T won DFW Airport’s $10 million private 5G business dlvr.it/Spj4Pt

27th May 2023
UrgentComm

Russia’s war in Ukraine shows cyberattacks can be war crimes dlvr.it/Spj3c2

27th May 2023
UrgentComm

FCC grants 700 MHz Band 14 license renewal to FirstNet Authority dlvr.it/Spj2Ny

27th May 2023
UrgentComm

Broadband for Critical Communications Everywhere Providing Connectivity When Seconds Count dlvr.it/Sph602

26th May 2023
UrgentComm

How vehicle insurance and autonomy intertwined dlvr.it/SpglBb

26th May 2023
UrgentComm

World’s least-expensive self-driving vehicle revealed dlvr.it/Spgc88

26th May 2023
UrgentComm

Voice calling is finally making its way onto 5G dlvr.it/SpdtYW

26th May 2023
UrgentComm

With many cities facing a fiscal cliff as ARPA funding ends, debt ceiling debate continues on Capitol Hill dlvr.it/Spdsnq

26th May 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.