Many regions across the globe are still imposing lockdowns to curb the spread of the Covid-19 virus, even as the recovery rate goes up with the daily decline in the number of cases. With the switch to remote working, organizations are investing in remote access infrastructure, SaaS, cloud, and cloud-delivered services. Several of these changes in business processes also introduced cybersecurity risks. Many of the employees who worked remotely were not familiar with the enterprise security risks involved, unlike the few senior leaders who had worked remotely before the pandemic and ensured their network was secure. As the large remote workforce paid less attention to cybersecurity while bearing the stress of the new working model, the edges became more vulnerable to cyberattacks. And it was celebration time for cyber-criminals.
The Security Operations Center (SOC) also lost a significant amount of visibility into the organization’s traffic. Threat actors were also prepared to exploit the new vulnerabilities and opportunities that such situations provided.
DDoS attacks continue to exploit remote access, and there is an increase in ransomware attacks as well, adding to the complexities.
To address these challenges, organizations have to take some of the following measures to strengthen their security posture.
Embedding cybersecurity in the organization’s DNA
Businesses have to establish a ‘cybersecurity-first’ culture and stitch it into the security strategy. At the outset, the Chief Information Security Officer (CISO) has to ensure a robust cybersecurity plan is in place before effectively implementing it. All employees, who are the first line of cybersecurity defense, have to be trained to practice good cybersecurity hygiene. The C-Suite has to make cybersecurity a business priority and advocate its importance down the line to all employees. All stakeholders should be made aware that data breaches can damage the brand image, reduce productivity, increase customer churn, and cause related financial losses. To ensure a cybersecurity culture, the CISO’s role has to become more proactive and be linked with business strategy and business continuity planning. Sharing learnings from the pandemic and cyber threat intelligence among specific industries across the globe is another aspect that has to be executed.
Replacing traditional network edge
The network edge is no longer confined to the physical office but has expanded to include private and public clouds, partner networks, and a remote workforce. With several data breaches and cyber threat incidents, it is very clear that the traditional network edge cybersecurity stack is inadequate.
A next-generation network edge protection solution with stateless threat detection and mitigation technology is the need of the hour. This solution should protect not only the stateful network cybersecurity stack itself but also the network and services behind it, providing Smart Network Edge Protection.
These solutions should provide the first line of defense, stopping inbound threats such as DDoS attacks, probing, and brute force password attempts that threaten the availability and performance of the stateful cybersecurity stack. They should also detect and stop outbound indicators of compromise that have been missed by the cybersecurity stack, thus acting as the last line of defense. They should also be integrated into an existing cybersecurity stack and processes for more effective threat detection and response.
Cyberthreats are here to stay, but the measures leveraged to combat them are effective too. It is therefore important for organizations to maintain good cybersecurity hygiene practices and deploy effective tools to identify, isolate, address, and prevent threats. These steps will help security teams win their daily battles. With the pandemic not completely eradicated from the earth and with the new business models being leveraged, threat actors will continue to target vulnerabilities. It is imperative for security teams to remain vigilant to protect the critical IT infrastructure that connects and enables today’s and tomorrow’s world.
The article has been written by Vinay Sharma, Regional Director, India and SAARC, NETSCOUT