Since the beginning of the pandemic, there has been much debate over whether businesses are being subjected to a wider variety of cyber risks or just an increased number of the same risks as before.
Clearly, the latter has happened as a direct consequence of the increase in remote working, sometimes coupled with overly relaxed security policies based on insufficient risk assessments.
As the digital transformation age progresses – and an increase in the number of connected devices combines with the greater demand for remote working – the modern workplace inevitably faces an increased number of potential vulnerabilities. As a result, gaining visibility of endpoint activity has become a critical objective for security professionals, in a race to anticipate and thwart potential attacks of various types.
Coronavirus has prompted companies globally to shift operations online and invest in ensuring teams can work remotely. While these measures are evidently necessary, they also create new cyber risks.
Companies faced the challenge of balancing business continuity with protecting their organization and customers. These businesses needed to assess the risks involved in embracing remote solutions, determine priorities, improve tooling and authentication and invest in videoconferencing solutions offering the required level of security.
Fortunately, advances in cyber risk solutions have meant this is a challenge they have been able to rise to.
For instance, cybersecurity incident monitoring and response automation, orchestration and AI-based anomaly detection – alongside trained, tested and proven Machine Learning models – have empowered incident responders to significantly lower detection times. These have now decreased from weeks or even months down to minutes or hours, which will prove vital in minimizing the detrimental effects attacks have on personal and corporate IT assets.
Equally important is making use of accurate and real-time threat intelligence, in a process that means proactively blocking some types of attacks before they even start, based on similar events that have already hit other entities. A robust patch management and software inventory review practice is key to ensuring a safe, low-risk environment for a geographically distributed workforce using company resources. This should be supported by a mix of controls applied for every endpoint and tailored to the security context.
The cybersecurity perimeter is now defined as the sum of individual endpoints, a final paradigm shift from the castle-and-moat model that was still the norm prior to the pandemic. This will lead to an increased demand for endpoint activity monitoring and hardening, together with the need for 24/7 eyes-on-glass security analysis, since most environments will now be accessed well outside typical business hours.
In summary, while the pandemic has clearly introduced new levels of risk, the fundamentals of cybersecurity best practices remain the same. The cybersecurity sector must continue to provide a strong control environment against attacks, adopting both proactive and reactive approaches. The good news is that the industry has prepared for this moment for decades – evolving and adapting in response to new threats is what the cybersecurity sector does best.
Would you like to know if your environment is secure?