

Understanding the challenge for your enterprise

Anthony Di Bello, VP, Strategic Development at the software company OpenText, looks at the post-pandemic state of enterprise cybersecurity.

Security and regulatory requirements can strain budgets and bandwidths in the best of times. Even before COVID-19, the enterprise faced wave after wave of cybercrime. According to research, UK businesses faced a 20pc rise in cyber security threats last year versus 2019 – that’s an attack once every 46 seconds. While new attacks continued to surface, new regulations and compliance mandates, such as the EU General Data Protection Regulation (GDPR), complicated matters for security and compliance teams.

Enter 2020 and COVID-19. The global pandemic, contraction of global economies, and the almost overnight shift to remote work produced two major challenges for security teams.

Most enterprises shifted almost overnight from employees connecting to the company network via controlled office spaces, to a model of almost complete remote work. Enterprises had to figure out how to adapt existing security technology for the new environment, and in many cases had little budget for new solutions better suited to remote work environments.

Employees are now connecting to corporate networks from a much wider variety of devices, via personal home internet connections, and with a need to access many third-party services directly. While many organisations already had the technology in place to successfully implement remote work (collaboration tools, teleconferencing, etc) – the impact on security remains to be seen. At the very least, organisations now face a challenge to ensure they can secure endpoints in difficult-to-control remote working environments.

Businesses that are keen to properly manage and protect their data need to better understand the intricacies of their information and how that information is stored. To better grasp this, organisations should consider the following questions:

– What types of data are considered sensitive?
– Where and how is the company’s vital information stored?
– Who has access to sensitive data and what are the circumstances surrounding how that data is accessed?
– How regularly do you review the people who need access to this sensitive data?
– What are the procedures in place to alert the appropriate teams when pertinent information moves from one location to another?
– What systems are in place to combat unauthorised use by potential cybercriminals attempting to breach sensitive company information?

Addressing these questions will help teams properly assess risk, start to create a plan, and determine the most effective approach to managing their information securely in the new world of work. A better understanding of data locations, security posture, and access establishes a solid foundation to operate from when managing both security and risk.

Adopting defence-in-depth

Most organisations have adopted a “defence-in-depth” strategy – layers of defence that analyse the perimeter and network streams and, most importantly, take endpoints and devices into account – to improve their resilience. Technology to stop attacks at the perimeter is critical, but wholly insufficient against advanced and targeted cyber threats designed to evade perimeter detection. Endpoint visibility and control are essential to discover and mitigate the impact of active and ongoing breaches that may have already penetrated standard firewalls and anti-virus technology.

Faced with reduced budgets and persistent shortages of skilled labour, enterprises are increasingly looking to endpoint detection and response (EDR) solutions for the automation and efficiency they provide. Using various data analytics techniques to detect suspicious system behaviour, modern EDR tools act as a force multiplier for security teams by providing contextual information, automatically blocking malicious activity, and providing remediation suggestions and workflows to help security teams more quickly restore impacted systems.

In addition, the ability to continuously collect and analyse endpoint data is critical to understanding what is happening on recently added endpoints and whether a threat may have breached the network, and will be vital to ensuring regulatory compliance, reporting and verification in the event of an incident.

The future of enterprise security

2020 broke all records when it came to data lost in breaches and sheer numbers of cyber-attacks on companies, government, and individuals – and this is likely to continue. In the short term, security teams quickly embraced new tools that helped them work more quickly, effectively, and efficiently. However, the long-term effects and potential risks still need to be considered.

The growing rate of cybercrime highlights the importance of a curriculum and education system that properly prepares the next generation of IT and security professionals. According to the Department for Digital, Culture, Media & Sport (DCMS), in the UK, 37pc of all vacancies for cyber roles since Jan 2019 have been hard-to-fill. Furthermore, 18pc have existing employees in cyber roles who lack the necessary technical skills.

The digital economy has brought the world closer together and individuals are far more connected than ever before. Digitisation helped provide the enterprise with resilience during the COVID-19 pandemic. However, looking forward, this increased connectedness occurs against a backdrop where attackers are aggressively looking to compromise endpoints, consumers and governments are increasingly concerned about data privacy, and data protection is a priority for every enterprise.

Post-pandemic, business leaders need to understand the impact this convergence of security, risk and privacy has had, and prioritise the need for enterprise-grade endpoint detection and response solutions. Otherwise, they leave themselves exposed to increased cyber risk and new threats which could make them headline news if they escalate into a data breach.

