By Adam Palmer, Chief Cybersecurity Strategist, Tenable
It is estimated that global cybercrime will grow by 15 percent annually over the next five years, reaching USD 10.5 trillion by 2025 (Source: Cybersecurity Ventures). To provide a comparison, this is much larger than the damage inflicted by natural disasters in a year. According to a Forrester study, some of the damaging effects from cyberattacks in India include identity theft (44%), financial loss or theft (38%), and ransomware payout (33%). Many of these attacks can be avoided. The cost of these damages far exceeds the cost of preventing such attacks through investment in strong security practices.
Last year, Covid-19 caused CIOs to sometimes put usability and deployability of IT ahead of security. This was a quick solution to ensure business continuity in a time of crisis. However, this approach may have introduced new security risks. These quick fixes may have exposed assets and networks to vulnerabilities that can now easily be leveraged by cybercriminals for attacks.
Time to secure the new normal
The band-aid security solutions that many CIOs put in place last year now need to be replaced with scalable, long-term strategies. Numerous articles and surveys, such as the one from Public App in India, have stated that the return to the office full time may be a thing of the past. Only 27% out of 300,000 respondents in the same study indicated their preference to go back into the office, while many stated they would prefer to work from home or have a hybrid workplace arrangement. With this in mind, organizations need to reassess existing cloud security infrastructures to support a distributed workforce in a dynamic environment with many connected personal devices.
Start with a roadmap: Before embarking on anything, create a clearly defined data management strategy that is aligned to the organization’s needs. This saves time and ensures that security is part of the process. Reduce risk by limiting third-party access to the network and by using privileged access management controls.
Security integration: Harmonize and ensure that security is integrated across all applications, critical data, cloud-based assets, DevOps, network infrastructure, and operational technology. With so many new connected assets, having a single source of truth can make a world of difference.
Intelligence: Utilize machine learning and threat intelligence to identify actual vulnerabilities and risks critical to the business. Avoid relying solely on a cloud vendor for generic configuration monitoring.
Visibility: Most remote workers have a variety of connected devices such as smart television sets, doorbells, baby monitors and more in their homes in addition to their laptops and tablets. This means that every time a remote employee logs into their laptop, each of those devices becomes part of the enterprise attack surface. Since security teams won’t be able to run network vulnerability scans of personal devices, installing local vulnerability detection agents to provide off-network visibility is beneficial. Risk can also be mitigated by adding IT systems management onto laptops so that the security team can control software updates and patching. This is a simple but effective strategy.
Plan for continuity: Every organization should have business continuity and crisis communication plans. These plans should contain a business impact analysis, financial and operational costs, management risk tolerances and resource dependencies. Document where critical data resides for high-risk users such as executives, those with administrative privileges and those developing source code.
Many organizations have had to quickly adapt their technical infrastructure to support a new remote workforce, but they now also have to adopt long-term security solutions. This will prevent cybercriminals from taking advantage of these quick-fix solutions made in a time of crisis. There’s no better time to correct these security gaps than now.