Roughly five months into the pandemic, stark stories of unsustainability have emerged, from personal debt caused by months-long unemployment to restaurant capacity restrictions to the number of coronavirus cases themselves. Eventually something has to give. 

But at least one area of life that was knocked off its axis when the virus came bearing down in March appears to have no other option but to forge on: remote working.

With studies now showing that at-home work is here to stay – a recent Gartner survey projects some half of companies will permit employees to remain working remotely even as offices reopen – unsustainability is not an option, especially with expanded attack surfaces opening up organizations to greater risks. 

So even as already-strained security operations teams struggle to harden this newly fragmented network, security lessons are being learned every day, from the importance of training employees to remain on guard even at home (for example, one federal credit union CISO reminds workers to shred documents containing personal information) to deprioritizing the securing of on-premises infrastructure (especially as cloud services thrive).

Even though it will not live up to start-of-the-year forecasts, security spending is still expected to rise this year, although admittedly the beneficiaries of that outlay have shifted. Identity and access management (IAM) is primed for a breakout year as organizations wrestle with the challenge of facilitating smooth but secure access for their faraway employees. IAM solutions are something of a next step in remote access beyond VPNs because of their ability to deliver single sign-on, multifactor authentication and privileged access management.

Other security solutions have also demonstrated increased value in a remote world as workers more heavily rely on unvetted and unmanaged personal devices and apps. As a result, technologies seeing a surge in demand include endpoint detection and response (EDR), cloud security, mobile device management and data leakage prevention (DLP). 

More and more businesses, overwhelmed by the scale of what needs safeguarding, are handing the reins of these technologies over to managed security services and managed detection and response providers.

But no matter where these security tools live or who is tasked with managing them, they will generate their share of alerts, and analysts will want to accelerate and streamline investigation and response. Platforms like security orchestration, automation and response (SOAR) can help SOC teams ingest threat data from disparate sources – and across client environments – and trigger customizable response playbooks that automate repetitive tasks, from enrichment to response.

Dan Kaplan is director of content at Siemplify.