The deadly vestiges of Covid so far have divided corporate cybersecurity into three phases. Phase 1 was a rush to move the business forward in the face of an uncertain epidemic. In Phase 2, additional security measures were put in place to further calm the storm. The third phase is now just beginning as we move further into 2022, and it could show the way to much better security as we all learn to coexist with the pandemic in the long run.
Phase 1
Phase 1 began around March 2020, when Covid forced large-scale changes in the workforce and demanded that those changes happen in far too short a time. For example, CISOs and CIOs had to create 60,000 new remote sites in a matter of days. A project like this would normally have been carefully planned over many years.
“Enterprises are aggressively moving beyond the security complexities of rapidly moving remote workforces to the cloud transformation of large-scale enterprise data already underway,” said Rodman Ramezanian, enterprise cloud security advisor at Skyhigh Security. “For many organizations, this meant that their on-premises systems were moved completely offsite, while others kept some on-premises workloads at least in Phase One.”
Phase 1 was an emergency. CISOs and CIOs had to make these cloud and remote changes immediately, often cutting security corners to make them happen.
The remote transition made clear what CIOs and CISOs already knew: VPNs offered little meaningful security and had severe bandwidth limitations.
“When VPNs affected less than 10% of employees, IT and security management gladly overlooked these issues in a compromise of simplifying forwarding access to sensitive corporate data centers and receiving files from the same data centers,” Ramezanian said. “But with the COVID-19 overturning from 10% to 90% impacting many parts of the company, this acceptance is untenable.”
For many businesses, the first signs of VPN problems appeared the very day most sites were set up. Because VPNs were not designed to support a remote workforce of that size and distribution, many failed as traffic congestion overloaded their bandwidth. The IT team had to quickly negotiate with the vendor to buy more bandwidth at a price that could not be easily negotiated.
When it comes to security, VPNs are not designed to do anything other than provide an encrypted tunnel for sending and receiving files. Some marketers promote VPNs as cybersecurity tools, but VPNs don’t scan what’s in an encrypted tunnel. They merely ensure the safe passage of traffic, regardless of what that traffic contains. So if a cyber thief plants malware in a spreadsheet or a slide deck at a remote site, the tunnel will protect and transmit the malware. VPNs have become not a locked door, but an open backdoor that allows attackers to sneak malware into the heart of corporate networks.
Phase 2
Within about six months, things calmed down somewhat, and a layer of security was gradually added to the new working arrangements. Patches such as adding an MFA element often did not differentiate between strong MFA (e.g., encrypted apps) and unencrypted SMS, which is very vulnerable to man-in-the-middle and other attacks.
Biometrics came under consideration, including face, voice, or fingerprint recognition, but these are weak options compared with retina scanning. To make matters worse, some biometrics fall back to a PIN by default if the biometric fails, thus almost negating the purpose of the additional security.
Phase 3
Covid-19 is no longer considered a temporary suspension. Rather, leaders have adopted or accelerated cybersecurity protocols. “Remember, in March 2020, many executives were running with the belief that the disaster would be over in a few weeks,” Ramezanian said. “Now management is finally internalizing the fact that this is long-term, if not semi-permanent, and they are always looking for something to do. Reshaping enterprise cybersecurity to address the current threat landscape rather than the one that existed three years ago.”
The landscape has changed: in addition to remote-site and cloud expansion and the associated reduction in on-premises operations, data access rights granted to external partners, including suppliers, distributors, contractors, and large customers, have dramatically increased. How can this access be granted securely?
“Then there are critical data protection and data visibility issues, such as devising the best approach to controlling data access across the global environment without losing the ability to scan and block items that do not meet policies in real time,” Ramezanian said.
CISOs have agreed for years on the concept of zero trust as the way to address these issues, but few have undertaken the massive restructuring of systems it requires. In 2022, many enterprises are finally getting ready to take that step by implementing Zero Trust Network Access (ZTNA), which applies granular, adaptive, and context-aware policies to provide secure, seamless, zero-trust access to private applications hosted in the cloud and in corporate data centers from any remote location and device.
According to Ramezanian, the move to ZTNA should entail the following key components:
- Gradually replace VPNs with a secure means of interacting with corporate networks. This includes enterprise-level authentication and encrypted tunnels that add malware detection and eradication.
- Strictly observe least privilege for access control.
- Deploy behavioral analytics, continuous authentication, and machine learning (ML) together for anomaly detection. Ramezanian says these three technologies could be the start of a path beyond passwords and PINs.
- Include data protection in the zero trust architecture to protect proprietary and sensitive data in situations where trust cannot be implied.
As much as a global catastrophe can be said to have a silver lining, it is that the time has finally come for businesses to truly modernize their security operations.
Please visit www.skyhighsecurity.com for more information on best deployment practices.