By Diem Shin, Head of Product Marketing, Telos Corporation
Organizations today are cloud-centric and more connected than ever. Many organizations are full of legacy systems and complex IT infrastructures, making it more difficult to secure, but more attractive to cybercriminals seeking quick financial gains. With a number of high-profile and destructive attacks on critical infrastructure organizations such as Colonial Pipeline, JBS USA and Kaseya, organizations are busy finding ways to strengthen their defenses to deal with the ever-growing number of cyber threats.
A recent study conducted by Vanson Bourne, an independent market research firm in the tech sector, found that 83% of organizations experienced cyberattacks in the past two years that compromised their networks but did not gain access to critical IT assets. 50% reported that hackers could gain access to critical IT assets. This finding has been corroborated by numerous other studies, including: Research on S-RM 61% of organizations have experienced a serious cyber incident in the past three years. Although this figure is slightly lower than Vanson Bourne’s figure, the study cited above is inherently broader, while this study only refers to “serious” cyber incidents. With many organizations clearly struggling to protect their networks from cyberattacks, there is no room for complacent when it comes to protecting critical IT assets.
of organizations fear attacks on critical IT assets within the next six months.
What is considered a critical IT asset?
Critical IT assets are those whose loss or theft can be catastrophic for an organization as well as society at large. According to Vanson Bourne, critical IT assets fall into one of three categories:
- Operational tools: Impairment of these tools, which are fundamental to day-to-day business, can affect an organization’s ability to generate revenue and provide services to customers, patients, or students. For example, telemedicine and telemedicine platforms are essential components for healthcare organizations to provide services to patients.
- Security system: Systems organizations are in place to protect customers, IT networks and physical buildings. It plays an important role in helping organizations operate safely. When your system is compromised, hackers can install malware to extract your data or be a harbinger of a ransomware attack.
- Database: Contains sensitive and sensitive information such as customer or employee data or intellectual property.
Critical IT assets vary by sector.
| sector: | Banking, Financial Services and Insurance | Medical and Life Sciences | Energy, Oil/Gas and Utilities | K-12 education | higher education |
| Assets to secure: | trading infrastructure | Telemedicine and telemedicine platform | Field work | Cyberbullying Prevention System | Digital Learning Tools, Platforms and Communications |
With the growing interest in protecting critical IT assets, are your current security tools sufficient to prevent further attacks?
Organizations are currently using a variety of tools to secure their IT networks. Traditional security toolkits include antivirus programs (42%), identity and access management (40%), encryption tools (40%), and firewalls (40%), all designed to block unauthorized users and limit damage has been violation. However, if a malicious actor is able to breach the perimeter and gain access to the network, all assets, including sensitive IT assets, are marked and vulnerable to attack.
There are additional concerns regarding the tools organizations currently use to protect critical IT assets. The main concern is that internal users may have too much access to these assets. In this case, the theft of the credentials of a user with unrestricted access to the network could lead to a catastrophic attack with devastating effects.
In addition to the challenge of protecting critical IT assets, 75% of organizations believe that their IT and IT security staff are not fully prepared to deal with the growing number of attacks. As the frequency and complexity of cyber attacks increases, they become inherently difficult to defend against. And organizations need to assess their security posture and ensure they have the right tools to defend against future attacks.
Segmentation of critical assets is the first step.
of organizations believe they need to improve their ability to prevent attackers from gaining access to critical IT assets in the event of a breach.
To achieve these additional safeguards, organizations must go beyond traditional security tools that focus on preventing unauthorized users from embedding tools to protect assets within their networks.
Most organizations (70%) are segmenting their critical IT assets and protecting them with specific, separate tools. Segmentation allows organizations to provide harm control and prevent small breaches from becoming large data breaches. Segmenting critical IT assets presents another hurdle for threat actors looking for easier targets.
While segmentation provides many benefits, 93% of organizations believe that the current tools used to protect segmented assets are insufficient to defend against cyberattacks and plan to implement additional solutions to protect critical IT assets.
Network Obfuscation – Your Secret Weapon to Protect Your Critical IT Assets
One such tool is a network obfuscation solution. Network obfuscation was cited as one of the top three tools organizations plan to implement over the next two years to protect their critical IT assets. Network obfuscation tools hide your network assets by removing your IP address from public internet and cyber attackers. Many solutions also combine IP obfuscation, multi-layer encryption, and dynamic IP routing to ensure that network assets remain anonymous. Network obfuscation eliminates the attack surface area, minimizing or eliminating the risk of cyberattacks.
Network obfuscation combined with segmentation allows organizations to provide tighter security protocols for their sensitive assets. For those who can’t sleep at night because of concerns that hackers could gain access to their crown, an obfuscating solution that hides your presence from the Internet can help you get a good night’s sleep. Over the next two years, 35% of organizations plan to invest in network obfuscation as part of a toolkit to protect critical IT assets.
read the full report, The evolution of protecting critical IT assetsWritten by Vanson Bourne, commissioned by Telos.
About the author
SynDM will join Telos in 2021 and serve as Product Marketing Manager for Telos Ghost, a cloud-based managed attribution product and service business. Diem has over 15 years of experience developing and releasing software and SaaS solutions for global technology companies. Prior to joining Telos, Diem worked for technology companies including Fugue, Verisign, Clarabridge, Neustar and Ericsson.
Diem Shin can be contacted online at: https://www.linkedin.com/in/diemshin/ and on our website https://www.telos.com/
Fair Use Notice: “Fair use” laws allow other authors to make limited use of the original author’s work without permission. Under 17 US Code § 107, “It is not copyright infringement to use copyrighted material for purposes such as criticism, commentary, news reporting, education (including multiple copies for classroom use), scholarship, or research.” As a matter of policy, fair use is based on the belief that the public is free to use portions of copyrighted material for the purposes of comment and criticism. Fair use privileges are perhaps the most important restrictions on the exclusive rights of copyright owners. Cyber Defense Media Group is a news reporting company that reports cyber news, events, information and more free of charge on its website Cyber Defense Magazine. All images and reporting are conducted exclusively in accordance with the fair use of US copyright laws.