Network visibility is the crux of security in 2020
Article by Gigamon A/NZ manager George Tsoukas.
The sharp and sizable increase in employees working from home in Asia Pacific, caused by the pandemic, has placed networks under greater pressure than ever before and inevitably has led to heightened cybersecurity risks.
The US National Cybersecurity Centre has reported that malicious actors are increasingly exploiting vulnerabilities in VPNs and other remote working tools, while government-branded scams relating to COVID-19 have been escalating.
Now, as companies plan for a return to the office and adjust business practices to accommodate a fluid workforce, they must keep cyber-risks front of mind.
Resilience sits at the heart of security, and there is a need for organisations’ architecture, processes and strategies to be more impervious to continue to ensure protection.
Complete visibility into the network is the only way for IT and security teams to achieve this, by discovering exactly what their environment looks like and reaping the benefits of faster threat detection and response, fewer blind spots and a clear view of all data-in-motion.
New tomorrow, new challenges
IT teams are under unprecedented pressure, bombarded with support requests from users striving to maintain productivity at home or smoothly transition back to the office. Also, with many workers using their own devices and connecting to company networks using personal WiFi connections or mobile data, attack surfaces have expanded, and vulnerabilities exacerbated.
That’s why, to safeguard these newly exposed environments and manage their increased workloads, IT and security pros need to have unobstructed visibility.
Employees working remotely have caused traffic to move from LAN to WAN and north-south traffic to grow, so IT and security must be able to inspect encrypted and unencrypted data to ensure awareness of any potential risks.
IT leaders should consider threat detection tools that are simple to deploy and quick to unlock security advantages. For example, a clear view of ingress and egress links, behind VPN concentrators, would empower Infosec teams to alleviate easily any threats that might arise from remote working.
Supporting a fluid workforce with budget uncertainty, if not outright budget reduction, is no easy achievement. It is possible, however, for companies to increase their security capabilities by up to 70% through removing duplicate traffic, filtering out low-risk application data and redeploying shelved or underutilised tools.
Due to the constantly unfolding situation, companies must be ready at all times to swiftly adapt their priorities and security tactics, so agility is fundamental.
Crucially, by implementing innovative solutions and streamlining repetitive jobs, those defending hybrid networks against cyber-attacks will have more time and headspace to drive better security outcomes and greater remote control, as physical access continues to be a challenge.
Value of a zero trust approach
As many return to their offices or embrace a more fluid way of working, the vulnerabilities revealed by the remote working shift are still present.
‘Work anywhere, work anytime’ is becoming the norm, so network perimeters, already blurred by an increasingly complex infrastructure, are now almost impossible to define.
Because of this, assuming that devices inside the perimeter are secure is not a viable option.
If implicit trust is no longer safe, then a zero trust approach can help to ensure protection in a period of uncertainty. Unsurprisingly, 67% of organisations that have not started their zero trust journey reportedly plan to do so this year.
Zero trust is about placing no trust in any element on the network, and scrupulously determining privileges based on observed behaviour before authorising access. This can be enabled only with complete visibility into the network: organisations can’t monitor and regulate what they can’t see.
Sadly, there isn’t a solution that businesses can purchase and deploy to adopt this security strategy. Zero trust isn’t a product; it’s a mindset, enabled by uncompromised visibility, which must transpire in all security practices to be effective.
It won’t happen overnight but, given the current situation, it’s fundamental that businesses unify and enhance their security efforts to safeguard their remote workforce.
While they grapple with how to optimise costs and maintain productivity at an economically testing time, IT teams also fight another battle: defending increasingly vulnerable networks, sheltering remote employees from growing cyberthreats and, ultimately, safeguarding their organisations.
Keeping up with changing circumstances and ever-morphing threats isn’t easy. However, with a targeted approach to driving network visibility, aided by modern tools and a zero trust architecture, IT and security workers are well equipped to overcome these challenges and emerge stronger.