sb-au logo
Story image

Network visibility is the crux of security in 2020

08 Oct 2020

Article by Gigamon A/NZ manager George Tsoukas.

The sharp and sizable increase in employees working from home in Asia Pacific, caused by the pandemic, has placed networks under greater pressure than ever before and inevitably has led to heightened cybersecurity risks.

The US National Cybersecurity Centre has reported that malicious actors are increasingly exploiting vulnerabilities in VPNs and other remote working tools, while government-branded scams relating to COVID-19 have been escalating.

Now, as companies plan for a return to the office and adjust business practices to accommodate a fluid workforce, they must keep cyber-risks front of mind.

Resilience sits at the heart of security, and there is a need for organisations’ architecture, processes and strategies to be more impervious to continue to ensure protection.

Complete visibility into the network is the only way for IT and security teams to achieve this, by discovering exactly what their environment looks like and reaping the benefits of faster threat detection and response, fewer blind spots and a clear view of all data-in-motion.

New tomorrow, new challenges

IT teams are under unprecedented pressure, bombarded with support requests from users striving to maintain productivity at home or smoothly transition back to the office. Also, with many workers using their own devices and connecting to company networks using personal WiFi connections or mobile data, attack surfaces have expanded, and vulnerabilities exacerbated.

That’s why, to safeguard these newly exposed environments and manage their increased workloads, IT and security pros need to have unobstructed visibility.

Employees working remotely have caused traffic to move from LAN to WAN and north-south traffic to grow, so IT and security must be able to inspect encrypted and unencrypted data to ensure awareness of any potential risks.

IT leaders should consider threat detection tools that are simple to deploy and quick to unlock security advantages. For example, a clear view of ingress and egress links, behind VPN concentrators, would empower Infosec teams to alleviate easily any threats that might arise from remote working.

Supporting a fluid workforce with budget uncertainty, if not outright budget reduction, is no easy achievement. It is possible, however, for companies to increase their security capabilities by up to 70% through removing duplicate traffic, filtering out low-risk application data and redeploying shelved or underutilised tools.

Due to the constantly unfolding situation, companies must be ready at all times to swiftly adapt their priorities and security tactics, so agility is fundamental. 

Crucially, by implementing innovative solutions and streamlining repetitive jobs, those defending hybrid networks against cyber-attacks will have more time and headspace to drive better security outcomes and greater remote control, as physical access continues to be a challenge.

Value of a zero trust approach

As many return to their offices or embrace a more fluid way of working, the vulnerabilities revealed by the remote working shift are still present.

‘Work anywhere, work anytime’ is becoming the norm, so network perimeters, already blurred by an increasingly complex infrastructure, are now almost impossible to define. 

Because of this, assuming that devices inside the perimeter are secure is not a viable option.

If implicit trust is no longer safe, then a zero trust approach can help to ensure protection in a period of uncertainty. Unsurprisingly, 67% of organisations that have not started their zero trust journey reportedly plan to do so this year.

Zero trust is about placing no trust in any element on the network, and scrupulously determining privileges based on observed behaviour before authorising access. This can be enabled only with complete visibility into the network: organisations can’t monitor and regulate what they can’t see.

Sadly, there isn’t a solution that businesses can purchase and deploy to adopt this security strategy. Zero trust isn’t a product; it’s a mindset, enabled by uncompromised visibility, which must transpire in all security practices to be effective.

It won’t happen overnight but, given the current situation, it’s fundamental that businesses unify and enhance their security efforts to safeguard their remote workforce.

While they grapple with how to optimise costs and maintain productivity at an economically testing time, IT teams also fight another battle: defending increasingly vulnerable networks, sheltering remote employees from growing cyberthreats and, ultimately, safeguarding their organisations.

Keeping up with changing circumstances and ever-morphing threats isn’t easy. However, with a targeted approach to driving network visibility, aided by modern tools and a zero trust architecture, IT and security workers are well equipped to overcome these challenges and emerge stronger.

Story image
ABB and Nozomi Networks extend collaboration, deliver improved OT security solutions
"With Nozomi Networks solutions added to our cybersecurity portfolio, our customers gain proven network monitoring and threat detection technology."More
Story image
Claroty discovers vulnerabilities in Ovarro TBox RTUs
The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More
Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More
Story image
WatchGuard uncovers top cyber threat trends of Q4 2020
“The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections."More
Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More