Spotlight: Securing COVID’s New Normal with Cathy Spence of Intel

In this Spotlight Podcast, Intel Senior Principle Engineer Cathy Spence joins me to talk about how COVID 19 has forged a new normal and shifted enterprise security battle lines.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google PodcastsStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

[MP3]


The world is more than 18 months into the COVID pandemic and one thing is for certain: business and life itself are not going “back to normal” any time soon – if ever.

The changes forced on organizations by COVID are simply too substantial. They range from the shift to remote work and the (permanent?) end of office culture, to a whole hearted embrace of digital transformation and cloud computing. Sure, these things started out as temporary responses to a mortal threat. A year and a half later, however, they’re deeply entrenched – the building blocks of a new, post-pandemic “normal” for the business world.

Remote Work Poses Security Challenge

But securing that new normal won’t be easy – as incidents in the last year have shown us. The shift to remote work has  pushed the enterprise perimeter out to thousands or tens of thousands of vulnerable home networks. It has increased reliance on VPNs and other remote access technology, and cybercriminals have taken note. The compromise  of the colonial pipeline, after all, came by way of a vulnerable VPN concentrator that Colonial’s internal security assessments and “red teams” overlooked. 

And then there’s the problem of all those investments organizations made before COVID. Just because workers have gone remote, doesn’t mean that organizations don’t still rely on legacy infrastructure and code that is old enough to drive – if not drink. 

Fifty Shades of Hybrid

What will it mean to secure this new normal? In this spotlight edition of the podcast, Cathy Spence, a Senior Principal Engineer at Intel, joins us in The Security Ledger Podcast studios to talk about what the post-COVID new normal will look like. For Cathy, the future looks a lot like the present, with recent developments like the shift to remote work more or less permanent. Still, every organization is going to have to find its own way of supporting remote work without compromising its core mission. Intel, she notes, is in the business of making lots of actual stuff (like silicon chips), so going 100% remote simply isn’t an option.

Most enterprises were designed to support everyone working from home during a snowstorm. It’s another thing to have everyone working from home for a year and a half.

— Cathy Spence, Intel

Cathy Spence is Senior Principle Engineer at Intel.
Cathy Spence is Senior Principle Engineer at Intel

Cathy’s day job at Intel is as the Chief Architect for Intel Commercial Client Platforms. So she has spent a lot of time thinking about the IT needs of large corporations. Post COVID, she imagines a future with a thousand shades of “hybrid” work. That state of play will greatly complicate the work of security teams and security vendors, who won’t be able to make assumptions about what any customer’s post COVID “normal” looks like.

Operationalizing Zero Trust

In this interview, Cathy and I talk about the myriad of ways that COVID 19 has shaken up the status quo and shifted the battle lines of enterprise security. We also talk about the work she is doing at Intel to distill key components of Zero Trust networking to work “out of the box” with Intel-powered products.

You can listen to our conversation above, or use the button below to download the MP3 recording.


(*) Disclosure: This podcast and blog post were sponsored by Intel. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.