The world has changed – today’s security landscape is not static but dynamic and mobile, and that shift will accelerate the need for new security implementations, such as zero trust.
The Covid-19 pandemic and the growth in remote working it has driven have markedly increased organizations’ threat levels. Existing infrastructures take a 30-year-old approach to IT security that was built around static information and the notion that the good guys are inside the firewall and the bad guys are on the outside.
A larger surface for attack
The problem for organizations is that the surface for cyber threats has never been larger. Unfortunately, the reality is that there has been a decrease in security controls and a marked increase in attack volume and sophistication. According to a study from the University of Maryland’s Clark School, a cyberattack occurs, on average, every 39 seconds.
The shift to remote working has created an increasingly dangerous cyber landscape. A 2021 Microsoft Work Trend Index survey of over 30,000 respondents in 31 countries found that 82% want flexible, remote work options, but 48% of employees are less likely to follow safe data practices when working from home. Perhaps that is why the FBI’s Internet Crime Complaint Center (IC3) received 2,474 complaints in 2020 relating to incidents identified as ransomware, with adjusted losses of over $29m.
A shift towards endpoints
In today’s security landscape, data is moving away from the core of the business and towards endpoint devices. The problem is that 90% of attacks now originate on endpoints. Attackers are taking advantage of organizations’ trust in user credentials or built-in processes to infiltrate corporate networks.
Breaches are becoming more common, caused by human error, business email compromise, and increasingly, ransomware. As well as high-profile cases such as the Colonial Pipeline attack earlier in 2021, there have been several smaller ransomware attacks, particularly in Asia.
Zero trust: proving who you are
There is no doubt that remote working is here to stay, and that will have a long-term impact on organizations’ security planning. The key is effective training of users because the organization’s least-trained user is its biggest threat. Every time an email arrives and your least-trained user clicks on it, they become a potential attack route throughout the company.
A key security development will be wider adoption of zero trust, where the organization continually challenges users to authenticate, demanding proof of who you are before you can access data. However, zero trust thinking takes time to adopt. For example, it took Google five years to complete the adoption of a zero trust architecture. Defense starts at the network level, with how networks are designed and how authentication occurs.
The Biden administration recently introduced a roadmap for government agencies to deploy a zero trust architecture by the end of the 2024 fiscal year. Recent guidance from the administration’s policy arm, the US Office of Management and Budget, demands action in five key areas: identity, devices, networks, applications, and data.
In summary, getting on top of today’s cybersecurity landscape means understanding who owns the organization’s data, knowing who has access to it, where it’s located, and how well it’s protected.