sb-au logo
Story image

How cybersecurity leaders are overcoming the new risk landscape

19 Aug 2020

Article by Micro Focus head of enterprise security George Atrash.

Working from home has significantly increased the threat surface for businesses around the world.

Businesses that thought they were protecting themselves by using virtual private networks (VPNs) have been in for a shock, with a data breach affecting millions of users due to an unsecured server shared by several VPNs. 

This lapse in security raises the question of how to manage security in a landscape characterised by a highly distributed workforce. Businesses need to take a fresh look at cybersecurity and move beyond VPNs to protect the organisation in this environment of heightened risk.

Dealing with COVID-19 has required organisations to accelerate their digital transformation, but many have overlooked security. The old castle-and-moat approach to security is no longer sufficient; businesses need to move from assumed trust to zero trust, and then towards intelligently adaptive cybersecurity.

Here are four key areas that businesses must consider when it comes to securing the distributed workforce:

Trusted access

Zero trust is the preferred approach in the current environment. It’s essential to be able to leverage context to determine trust, as well as use identity assurance via multifactor authentication, and provide the least privilege access possible.

Adding intelligence allows organisations to become prescriptive in how they apply zero trust.

Safeguarded interactions

Interactions usually take place through applications, so it’s crucial to ensure applications are as solid as possible. This means choosing applications with a strong development pipeline and the ability to test them in a variety of ways. 

Strategies should include agility, with application testing and security happening both on-premise and in the cloud. 

Dynamic and static testing, open-source integration, and machine learning to help reduce false positives can combine to ensure applications don’t present undue risk.

Data protection

Classifying data is essential to managing its lifecycle and protecting it effectively. There is increased risk for businesses due to evolving privacy regulations, increased sensitivity around how data is used, and the fact that people are accessing data from new locations in new ways. 

Classifying data and managing it according to policies will help deliver the right outcomes for the business in terms of locking data down or making it securely available for certain tasks.

Ongoing monitoring

Being able to block unwanted access, monitor and detect threats, and respond rapidly to incidents are all vital capabilities that are non-negotiable in the current landscape. 

A fragmented environment puts pressure on security operations teams which have to continue to provide context to the monitoring to deliver intelligent outcomes. 

Next-generation SecOps capabilities will help organisations intelligently adapt by protecting identities, apps, and data, and letting businesses detect threats and evolve their posture for new threats.
 

To manage these four aspects strategically, it’s important to take an intelligently adaptive approach where the infrastructure has enough intelligence to detect threats, remediate at once, or notify teams with remediation steps. This approach can be built over time as needed.

Security intelligence services with dynamic functions are needed for security in motion, leveraging intelligence and analytics. Vendors gather masses of information that can be analysed to gain a more comprehensive view of the threat landscape and accelerate customers’ speed to value. 

An intelligent approach is the only way organisations can keep up with the rapidly accelerating threat landscape.

Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
Facial recognition control solution hits A/NZ
The facial recognition reader scans users’ faces to identify them before providing access.More
Link image
Where is your data? You'll find out in 2021
Next year, we will start to realise exactly how much intellectual property was stolen by attackers during the 2020 remote working shift, writes Forcepoint global CTO Nicolas Fischbach.More
Story image
Claroty and CrowdStrike form partnership to protect industrial control system environements
The integration will deliver visibility into industrial control system (ICS) networks and endpoints, with a one-stop-shop for information technology (IT) and OT asset information directly within The Claroty Platform.More
Story image
Trend Micro integrates with AWS Network Firewall
As a Launch Partner, Trend Micro has integrated managed threat intelligence feeds from its cloud security solution to enable superior protection in line with this new AWS managed firewall service.More
Story image
Forrester names Thycotic a Leader in privileged access management
Thycotic received the highest possible score in 11 of the 24 criteria in the study, including SaaS/cloud, innovation roadmap, and integrations, deployment, supporting products and services, commercial model, and PIM installed base.More