The cyberattack risks faced by companies using outmoded security methods have been intensifying in recent years. But those challenges have increased dramatically with the advent of the COVID-19 pandemic.
With so many key employees now working remotely, sensitive data needs to be shared outside a company’s walls. This includes employee data, intellectual property, corporate financial data, and other proprietary information. It also includes data on customers, their purchases, and the performance of products in the field.
Cybercriminals have seized this opportunity by launching phishing schemes that lure email users to click on malicious files. Many of these schemes have been COVID-19 related, and they have ranged from audio files impersonating voicemail targeting Office 365 users to emails purporting to be from company executives. Meanwhile, the number of remote desktop protocol (RDP) servers exposed to the internet has risen sharply from 3 million in January 2020 to more than 4.5 million in May, and attacks targeting them were up more than 300% in the United States in both March and April.
Further complicating the job for security professionals, the ubiquity of bring-your-own-device (BYOD) work protocols allows cyber attackers to leverage outdated and unpatched operating systems or insecure apps on employee machines. For example, a vulnerability recently discovered in the popular iOS Mail app may have been exploited for two years (and possibly nearly eight). Companies also must defend against man-in-the-middle attacks, in which an attacker secretly gets in between a user and an accessed web service. A compromised Wi-Fi system, for example, could let an attacker harvest any information a user sends, including passwords.
Companies also face newer, more sophisticated, and more pervasive threats. There is a rising incidence of zero-day threats exploiting unpatched software vulnerabilities. Additionally, malware attacks, including keyloggers and ransomware, are exploiting and paralyzing corporate networks. More and more malware seeks to connect IoT devices to botnets that can then create massive distributed denial of service (DDoS) attacks against companies, governments, and institutions, resulting in some of the biggest shutdowns across industries ever seen.
The solution: Adaptable cybersecurity
Cybersecurity has long been due for a rethink that transforms the concepts of usernames, passwords, and IP addresses, turning them into practical elements that support their underlying functions. The emerging digital ecosystem only became possible as the traditional elements of computing — mainframes, operating systems, applications, and networking — became atomized, abstracted, and virtualized. Accordingly, to protect themselves and become more resilient in the face of cybercrime, companies need to consider the broader ecosystem and apply adaptable cybersecurity.
Many security practices are still based on the old concept of "trust but verify," yet today data and applications extend far beyond the company’s walls, and blind trust is a luxury that no business can afford. Instead, cybersecurity should focus on authenticating identities and devices in the context of requests for any protected resource. Such resources broadly include anything that would constitute a risk to the business if it were compromised. This means data, networks, and workloads, but also their data flows and the underlying infrastructure that supports them.
Legacy security is not robust enough to secure a contemporary IT ecosystem consisting of remote workers, workplaces, partners, and customer interactions, or to protect the data employees may need to access remotely. In the past, security was based on known employees working from company offices or on a laptop using a VPN. Security functions focused on external threats. Internal errors, threats, and leaks were not taken as seriously.
When only company desktops, printers, and on-premises data centers required permissions, that kind of security could manage the challenge. But new vulnerabilities arrive with each advance in technology. Not only are employees using their own devices — smartphones, laptops, tablets, and desktops — but companies depend on the operating technology of internet-connected products. Moreover, individual departments are frequently deploying their own robots and other automated entities, outside the umbrella of corporate IT, and their priorities and security diligence may be inconsistent. That’s why security must be addressed in the corporate IT architecture.
A secure future:
To mitigate risk to their business, most enterprises are continuously investing in new tools and technologies. Leading-edge, risk-focused, and context-aware security is increasingly available as a service. Forward-looking companies take a "never trust, always verify" approach to access to their data and processes, acknowledging that threats evolve and that countering them requires the capabilities available in advanced technology. By leveraging such services, a business can embrace a more resilient and adaptable cybersecurity model, positioning itself to survive new challenges and take advantage of the opportunities in emerging digital ecosystems.
"Technology advances - from the Internet of Things (IoT) to Artificial Intelligence (AI) and advanced analytics - are enabling purpose-driven, resilient, and adaptable enterprises."