This article was originally published by SC Magazine.
In the era of hybrid work, businesses of every size are operating virtually more than ever before. While today’s digital revolution is cause for celebration, it has also resulted in the creation of more high-risk IT environments. Now company assets have become infinitely more accessible to threat actors, which has helped fuel the massive uptick in security attacks against these new threat vectors.
Hybrid work makes security even more of a business problem. Do nothing and it’s only a matter of time before your company becomes a hybrid work security statistic:
So, if you can only do one thing, what should it be? To get to the answer, it helps to first unpack the three factors making security more challenging today.
Big data contained is far less a security problem than big data unleashed. With data being accessible from virtually anywhere and all the time, IT leaders are facing tough questions, like “How do we effectively scale security in an IT environment that essentially has no boundaries?”
This problem stems from the fact that traditional networks no longer exist. Under hybrid work models, data resides wherever your endpoints and users are, and that puts assets in unmanaged locations beyond the control of the IT team. This trend is not new, however it’s been exacerbated by the pandemic. Nemertes Research summarizes this in their white paper:
Most architects think of the corporate WAN as connecting “inside-to-inside”: that is, premises-based users (e.g. workers in offices) to premises-based resources (e.g. applications running in data centers). That’s not only inaccurate in these post-Covid days, it’s been inaccurate for a long time.
In early 2020, Nemertes research studies found that just 38% of all WAN traffic was “inside-to-inside.” The remaining 62% was either:
We have every reason to believe that the percentage of inside-to-inside traffic has declined precipitously in 2020 and 2021, and will bounce back only slightly as some employees shift back to working in offices.
Compounding this complexity is the fact that big data will only get bigger. The sheer volume of data that is collected, stored, parsed, and analyzed is far more than any humans can possibly manage. What data is relevant? How can we automate the analysis of this data for threats? Moreover, how can the threat response be automated?
Zero Trust is considered today’s leading security strategy; however, Zero Trust isn’t always possible in every scenario. Mobile devices and any uncontrolled hardware create obstacles that the security industry has not yet overcome. Simply put, it’s because of supply chain based attacks.
It all goes back to the device manufacturers who must defend their hardware, microchips, and software from attackers. But this defense job is nearly impossible. No security technology exists today that can effectively protect against supply chain attacks targeting the software or hardware suppliers themselves, and Zero Trust fails to evaluate the user device at the hardware and source-code level.
Zero Trust can verify user identities until the sun goes down, but those checking functions don’t go deep enough to identify the underlying threat. Thus, mobile device security will be compromised until Zero Trust reaches ground zero.
Technology innovation cuts both ways, benefiting companies and criminals. This helps explain why cyber criminals and nation state actors are doubling down on their efforts to both profiteer from and disrupt hybrid businesses.
I explain these issues in depth in this article, Cybersecurity threats now: 6 eye openers from Black Hat every IT leader should know.
Nearly all cyber threats have one thing in common, and this consistency is a key advantage for those needing to reliably find that “needle in a haystack.” All threats generate observable network communications, which means the network remains the keystone to increasing your security posture.
But you cannot protect what you cannot see. Gaining complete visibility into the network is crucial for rapid threat identification and isolation, but also for managing and securing all the endpoints that come with any distributed workforce. These tips can help.
At the end of the day, there will always be an attack vector you don’t know about, a threat you didn’t see coming, or a black swan event — a pandemic that changes everything. Focus on what you can control. The single best thing you can do is keep an eye on your network and your assets. This act alone will help improve your security posture, little by little with each adjustment you make.
Need help with your work-from-home security strategy? Get a free consultation from Masergy.