What trends are going to dominate the security landscape in the post Covid-19 world?
Adam Palmer: An uptick in ransomware attacks
A number of devices could have been infected by ransomware during the shift to remote work, and once these devices re-connect to corporate networks, it could propagate. In a recent Forrester study commissioned by Tenable, 36% of organizations globally suffered a business-impacting cyberattack due to ransomware. So we can expect an uptick in ransomware attacks in environments with a less mature security policy, once employees can safely return to their offices.
Acceleration of “zero-trust” networks
As a result, an acceleration towards “zero-trust” networks where devices, systems and services operating within the corporate network aren’t automatically trusted will likely be adopted by more security teams.
Adoption of SaaS services.
The stay-at-home orders pushed many organizations to leverage new cloud-based technologies and approaches to optimize their teams’ performance. Longer-term, we’ll continue to see organizations of all sizes embrace SaaS services, even after office work is back to the status quo.
New vulnerabilities introduced in OT/IT
When employees eventually return to their offices and re-connect to corporate networks, there’s a risk of new vulnerabilities and threats being introduced to either the IT or OT side of mission- and safety-critical operations. During this transition, it’s imperative security teams have visibility into where the organization is exposed and to what extent, enabling them to manage risk on a day-to-day basis effectively. Let’s be honest, security challenges aren’t going away once everyone is back in the office.
What challenges, technical and organizational, do security and IT departments have to meet in order to adapt to the context of teleworking?
Adam Palmer: Organizations looking to work remotely in the long-term can consider the following:
Run IT operations like a service: Simplify, streamline and standardize the working experience for global employees, or what devices they are using. Eliminate any technical barriers that get in the way of people doing their jobs.
Prioritize SaaS solutions: Cloud-based services aren’t just a cost-saving measure, allowing organizations to focus more resources on core business competencies. These solutions also support greater agility and scale where traditional connections (e.g., wide-area network [WAN]) quickly become a bottleneck when large groups begin to work remotely.
Limit access to virtual private networks: VPNs can be a bottleneck for distributed workforces because they are limited by the same local network bandwidths. Wherever possible, restrict direct access to a corporate network to only the most critical functions and double-down on SaaS protocols.
Single sign-on (SSO) identity management facilitates ease of use and ongoing maintenance, while multifactor authentication provides a much-needed layer of additional security.
Encourage adoption of collaborative systems: Distributed workforces require new tools that foster collaboration in lieu of the social interactions that typically occur within a physical workplace. Organizations can consider SaaS collaboration solutions such as Google Docs, Slack and more.
Partner with internal and external peers: Every department relies on an organization’s technical infrastructure, so IT leaders must maintain a direct line to all areas of the business. CIOs need to continually ask if there’s a better way to do things, and that requires ongoing communication with all relevant stakeholders and the industry at large.
What are the benefits of the convergence of IT and OT Operational Technology environments.
Adam Palmer: Interconnecting IT and OT systems can optimise production and drive innovation. It also increases efficiency and has the ability to pinpoint bottlenecks in OT capabilities.
According to you, what should organizations do to manage risk in the expanded attack surface?
Adam Palmer: We’d encourage organizations to continually assess their networks for security vulnerabilities as it can help prevent everything from unauthorized access to applications to identifying underlying software flaws that expose sensitive data.
Now more than ever, organizations require a unified, risk-based view of where they’re exposed and to what extent across their IT and OT environments. By using a blend of machine learning analytics to correlate vulnerability severity, threat actor activity and asset criticality data, organizations can identify and manage issues posing the greatest business risk.
Are CISOs acknowledging the importance of vulnerability management as a ‘must have’ for their companies?
Adam Palmer: Based on our Forrester study which revealed that while 97 per cent of Indian organizations suffered at least one business-impacting cyberattack, only four out of 10 security leaders can confidently answer the question “How secure or at risk are we?”. This data in itself is a concern because it shows that security leaders in India are either flying blind or looking for answers in the wrong places.
The issue is compounded as traditional IT systems within organizations tend to consist of data silos and outdated operational processes which are not integrated with new technologies and requirements. These systems now mixed with cloud-based technology make scanning for vulnerabilities in the digital environment more complex. This is because traditional vulnerability management solutions weren’t designed to handle an attack surface of this size and complexity. Therefore, organizations can completely miss critical vulnerabilities across their dynamic environments.
There’s an urgent need for organizations to adopt a risk-based approach to vulnerability management which uses machine learning analytics to correlate vulnerability severity, threat actor activity and asset criticality to identify and manage issues posing the most significant business risk. This approach will help Indian organizations focus on the vulnerabilities that matter most and address true business risk instead of focusing on flaws that have a low likelihood of being exploited.