With the Big Bang came the expansion of the universe, forming superclusters, galaxies and planets. Now, a similar series of events are unfolding in our computing environment. Traditional network perimeters are rapidly expanding as digital operations are becoming more distributed and outside the confines of individual organizations’ physical walls.
Access requirements have also increased, with more users, devices, application services and data than ever before located outside of enterprise headquarters — making it the perfect security problem, particularly regarding network security.
The pandemic was a catalyst for remote and hybrid work, and it’s here to stay — with 71% of companies set to make these work policies permanent. For this to be effective, IT infrastructure investment must reflect the ever-changing threat landscape and the needs of disparate and distributed network perimeters.
But it’s not just about tools and technology. The accelerated changes caused by the pandemic have also required the role of the chief information security officer (CISO) to evolve. Today, they don’t just protect the organization’s critical infrastructure and systems. CISOs ensure that information and assets stay protected and businesses continue to operate unaffected by potential cyber threats or adversaries.
Anyone in the role of protecting information for enterprises is now grappling with significantly increased threat levels, meaning the stopgap security tools deployed in response to COVID-19 must be modified or replaced with robust, permanent solutions. But on the plus side, almost three-quarters (72%) of IT leaders believe there’s been a positive shift in the remote and hybrid work mindset following the move to work-from-home during the pandemic.
And this shift continues to influence an evolution in priorities within security strategy, alongside other critical factors that will drive what it takes to further strengthen enterprises’ information security posture.
Current challenges facing today’s CISO
Cybersecurity attackers are continuing to improvise threat tactics, searching for any backdoor or window left ajar to take advantage of and gain access to enterprise networks. Supply chains are one of the most commonly breached points to gain access, especially when it comes to critical infrastructure institutions (CII). Instead of having to breach the CII’s network directly, attackers can capitalize on less secured vectors and gain maximum access with relative ease.
The supply chain environment, which requires companies to collaborate in many ways, presents an opportunity for attackers to exploit gaps in security enforcement. For instance, the Log4J supply chain attack, which saw a vulnerability exposed in software used by nearly every cloud service and enterprise network, highlights the lack of visibility organizations have in their software supply chain.
And as cloud adoption continues to accelerate, it’s critically important that firms look beyond their own internal security strategy. Now, it’s equally essential to have a robust framework to identify and classify information outside of traditional network confines — measuring and monitoring the security of any assets deployed.
But, unlike on-premise solutions, deployments on the cloud require a number of providers to be involved, which brings with it familiar challenges. From ensuring strategies are uniformly enforced to adopting information security policy and key principles across the stack. Establishing an effective model to operationalize security between all stakeholders is another threat actors have been known to take advantage of, aiming for crown jewels hosted outside the enterprise’s perimeter.
Making security an ongoing topic in supplier reviews will provide the business with a better understanding of cyber risks and possible exposures within their supplier ecosystem. Assessment of the security posture of suppliers either using third-party services or through peer reviews may also enable better visibility of continuity risks for key processes. Relevant scenarios can then be embedded into business continuity plans, which can be rehearsed to ensure the least disruption in the event of an actual compromise to vendor environments.
Security means knowing the who, what, where, when and why
Whether it’s causing business disruption, stealing intellectual property or compromising customer data — cyberattacks can have a considerable impact on a company’s reputation, regulatory standing and customer confidence. So, it’s critical to arm businesses with the right tools to prevent and minimize the impact of cyberattacks.
In 93% of incidences, a cyberattacker can breach an organization’s network perimeter and access local resources, using commonly known vulnerabilities and exploits or through carefully crafted campaigns harvesting credentials from unassuming users.
It’s no longer enough to just validate identity, meaning that methods such as two-factor authentication are no longer sufficient. Secure access now means validating not just identity, but the context and channel of the information being acquired.
It’s clear that the dynamic access requirements of digital businesses have become a reality. And this is where Secure Access Service Edge (SASE) architecture comes to the fore.
SASE is a digital enabler — it’s a shift in the security architecture mindset. The introduction of SASE means organizations no longer need to manage security boxes that deliver disparate, separate solutions. Now, there’s the opportunity to deliver policy-based security with context, meaning more assessment of who exactly is accessing information, at what time, where and for what purpose.
By 2025, it’s anticipated that more than 50% of organizations will have clear strategies to adopt SASE, up from less than 5% in 2020. Here, expanding the network architecture to include SASE begins with picking the best-fit solutions for key components. For example, secure web gateway, secure web access, cloud access security broker or zero trust network access solutions.
And there are other authentication, authorization, policy, user and entity management solutions can also add to the mix, meaning companies can find the right solutions to optimize their individual business security.
Employees are your best defense
While there are countless solutions available to support secure digital operations in remote or hybrid environments, navigating these options can be a relentless job for those responsible for business security. But keeping defenses up to date is critical to stand a chance against new attack tactics.
Many organizations don’t have the capacity or capabilities on-hand to respond to all the digitization requirements of a diverse, modern, digital enterprise. Here, support from trusted security partners and System Integrators (SIs) can help organizations bolster their security strategy and ensure operations are safe and secure in an increasingly hybrid environment.
Drawing on the expertise of others, as well as fueling awareness of cybersecurity among employees, is still one of the most important defenses against malicious activity and cyber fraud. It’s crucial to have a holistic security awareness program comprising regular, easy-to-understand information on the evolving threat landscape and the role of every individual if an incident should occur. Involving the employees in regular drills to test situational alertness and detect initial attack attempts is a foundation for company-wide cybersecurity awareness and prevention.
CISOs: The intersection of cybersecurity and hybrid work
The number of knowledge workers continuing with hybrid arrangements has increased to 58%, up from 46% in May 2021, according to Future Forum. It’s clear that employees will continue to connect from various locations and likely operate from untrusted networks, as the flexibility afforded by hybrid working remains.
For CISOs, this translates to ensuring secure and contextualized access that enables employees to operate in an environment that won’t inadvertently lead to a data breach or compromise critical assets.
As organizations continue to evolve their fast-tracked, pandemic-response solutions into more mature, long-term approaches, there’s an opportunity for CISOs to drive holistic business and information protection — ensuring that the solutions and offerings deployed today will stand up against the increasingly sophisticated cyberattacks in the present and coming times.