Cyber security, digital investigations and eDiscovery will never be the same. In the past year, market uncertainty and changing consumer behavior have increased cybercrime and fraud, while remote workforces are redefining network perimeters, opening new avenues for hackers to access private and sensitive data.
How do organizations navigate these challenges and ensure they remain cyber resilient? Jo Peterson, member of the Forbes Technology Council and VP of Cloud & Security Services at Clarify360, and Raj Munusamy, Senior Director of Product Marketing (Security) at OpenText, shared their insights in a virtual Q&A on the current state of enterprise security.
What security challenges are facing organizations with the shift to remote work?
Most organizations’ network infrastructures were built on the 80/20 rule, meaning 80 percent of the workers were in the office and 20 percent were working remotely. The pandemic turned that 80/20 rule on its head. When the entire workforce went remote, it created many new security weaknesses for the IT teams. There are four things to think about: the perimeter, the VPN, the physical security of the computer and, of course, the human element. Security is not an IT issue. It’s a company issue. If you can somehow engage employees and let them know that a breach could affect customer credibility and revenues, and then their jobs as a result, it becomes more real. You really have to do a good job in connecting the dots.
The whole spectrum of working from home includes the use of personal devices or corporate devices for personal use. That’s fine, as long as you have the right enterprise security measures in these devices, and that’s where the big challenge is.
How has the shift to remote work changed enterprise security priorities?
I think it’s the whole concept of cyber resilience. Cyber resilience means that you may not get it 100 percent, and this means an improvement process must be in place. That involves the hardening of your systems and processes to withstand these cyber attacks. And also having the protocols in place to detect some of these compromises that evade the perimeter defenses. The shift to cloud-based apps is another huge trend. Along with that comes the responsibility of security organizations to have the right technologies in place to make sure that they’re able to protect and do EDR (end point detection and response) activities.
I think the cloud has been a hero of the pandemic. We’ve seen these collaboration tools come into play that have been essential in keeping teams connected, because they foster productivity. IT teams have had to tackle quickly implementing these tools and onboarding teams to them. We’ve seen some great internal collaboration and interaction between these teams because they’ve realized they have to keep the business going. There are complexities around BYOD (bring your own device), BYOA (bring your own access), and companies are rethinking some of the policies around these things.
How can organizations protect their end points when employees are working remotely?
We can’t secure what we don’t know about. So, there’s this rush to pane-of-glass visibility. You have to invest in a tool that’s built for a remote environment. Most end point security management tools aren’t really designed to support remote environments. We also want to look at the automation we can put in place that tests for and remediates compliance drift. We need to think about real-time breach remediation and that’s super-important as well.
It’s a series of things that companies are doing today, particularly the larger ones, in making sure end points are more secure. This includes the transition from the traditional authentication methods into IAM [identity and access management]. Cloud-native content management is another big one as well. But let’s not forget: a lot of this is also people. What we emphasize always is awareness and making security a seamless experience. In the last 10 to 15 years or so, I’ve experienced a huge transformation there. Cyber security training is compulsory. Businesses, especially the larger ones who have access to learning systems and so on, they are enforcing it.
What can enterprise security teams do to overcome the challenges of remote work?
Threat hunting and threat intelligence are always great areas. Along with that, there is incident response handling. Automation of that whole process is a big focus as well. But the basic premise of maintaining security is the same as it was prior to COVID-19. It’s all about discovering threats quickly and eradicating them before the damage occurs – that hasn’t changed.
I’ve seen IT leadership develop this sort of go-to checklist of things that they are now considering because the workforce is remote. They’re developing a cyber security policy for remote workers. And that’s going to include use of company-owned devices and regular backups to external hard drives, for example. They’re implementing more mobile security and they’re using encryption. They’re doing password management software… and identity proofing and behavior-based authentication.
Any closing thoughts?
The World Health Organization reported a five-fold increase in cyberattacks during the pandemic. And there has been a 20% increase in ransomware attacks in the first half of 2020. The world will continue to adapt. This is cyber resilience in practice. Being good at it means protecting lives, operations, and infrastructure.
I think as we enter this next phase of our new normal, we’re starting to see a long-term shift in thinking around remote work and the connectivity and security considerations that go along with it. It’ll be interesting to see how this unfolds and how vendors come to the market to support this.
Want to learn more about the changing state of enterprise security? Catch up with all the OpenText Enfuse On Air content on demand.