Working from home has significantly increased the threat surface for businesses around the world.
Businesses that thought they were protecting themselves by using virtual private networks (VPNs) have been in for a shock, with a data breach affecting millions of users due to an unsecured server shared by several VPNs.
This lapse in security raises the question of how to manage security in a landscape characterised by a highly distributed workforce. Businesses need to take a fresh look at cybersecurity and move beyond VPNs to protect the organisation in this environment of heightened risk.
Dealing with COVID-19 has required organisations to accelerate their digital transformation, but many have overlooked security. The old castle-and-moat approach to security is no longer sufficient; businesses need to move from assumed trust to zero trust, and then towards intelligently adaptive cybersecurity.
Here are four key areas that businesses must consider when it comes to securing the distributed workforce:
Zero trust is the preferred approach in the current environment. It's essential to be able to leverage context to determine trust, as well as use identity assurance via multifactor authentication, and provide the least privilege access possible.
Adding intelligence allows organisations to become prescriptive in how they apply zero trust.
Interactions usually take place through applications, so it's crucial to ensure applications are as solid as possible. This means choosing applications with a strong development pipeline and the ability to test them in a variety of ways.
Strategies should include agility, with application testing and security happening both on-premise and in the cloud.
Dynamic and static testing, open source integration, and machine learning to help reduce false positives can combine to ensure applications don't present undue risk.
Classifying data is essential to managing its lifecycle and protecting it effectively. There is increased risk for businesses due to evolving privacy regulations, increased sensitivity around how data is used, and the fact that people are accessing data from new locations in new ways.
Classifying data and managing it according to policies will help deliver the right outcomes for the business in terms of locking data down or making it securely available for certain tasks.
Being able to block unwanted access, monitor and detect threats, and respond rapidly to incidents are all vital capabilities that are non-negotiable in the current landscape.
A fragmented environment puts pressure on security operations teams which have to continue to provide context to the monitoring to deliver intelligent outcomes.
Next-generation SecOps capabilities will help organisations intelligently adapt by protecting identities, apps, and data, and letting businesses detect threats and evolve their posture for new threats.
To manage these four aspects strategically, it's important to take an intelligently adaptive approach where the infrastructure has enough intelligence to detect threats, remediate at once, or notify teams with remediation steps. This approach can be built over time as needed.
Security intelligence services with dynamic functions are needed for security in motion, leveraging intelligence and analytics. Vendors gather masses of information that can be analysed to gain a more comprehensive view of the threat landscape and accelerate customers' speed to value.
An intelligent approach is the only way organisations can keep up with the rapidly accelerating threat landscape.