Evolving Security Threats: Protection against the changing cybersecurity risk landscape

Ashok Pandey

In the past, an organization’s systems were typically secured by perimeter monitoring and the focus of the security teams was on the external elements. However, the remote-working environment has brought everyone and every application/device into the vulnerable category.

Security threats are evolving rapidly and it is much easier to compromise the framework from the inside now. Thus, it is very important to assess what kind of damage an internal threat can cause, and to take proactive measures to mitigate such risks.

We spoke to Murtaza Bhatia, Senior Cybersecurity Specialist, NTT Ltd. in India to understand the new landscape, threats, challenges, etc.

Re-think security to align with the present business landscape

The post-pandemic business landscape has undergone a tremendous change. To keep the businesses running smoothly in the new normal, a massive re-architecture process has been undertaken. The revamp of the architecture has ushered in a number of benefits too. From the response to recovery, the entire wave of business alignment IT has now become fully hybrid.

Thus, it has become imperative to review security, align it to the restructured business processes, and protect the underlying IT from the security threats of the day. A rethink is needed regarding the shape of IT for any business and its security needs. We need to keep security investments in control yet give them the flexibility to manage the known and the unknown in the new scenario. Zero-trust logins and virtual desktops are some of the tools that are helping organizations function smoothly by allowing remote access restricted by user profiles and roles.

Anticipate cyber threats and stay a step ahead

One of the biggest risk areas has been the remote access to the company’s data and applications which is now necessary for employees to work from home. Thus, an organization’s systems are now vulnerable to cyber-attacks since they are no longer adequately protected by perimeter security. Employees log in remotely using different device types, and one might even try to access company servers using public and unsecured computers to carry out a task.

Therefore, one of the key strategic shifts is to switch from the current practice of responding to a threat when it is identified and adopt a predictive strategy that can help pre-empt the risks. Cyber-security teams need to keep an eye on the incidents of attacks taking place globally, and to analyze them thoroughly. This kind of analysis will help them predict the impact of such attacks on their own company’s systems and make proactive changes to thwart the same. That’s how an organization will remain ahead of the risks. The whole security control framework has to be transformed into a predictive framework with the right tools and technologies in place. The key is to know and react to situations that might unfold rather than reacting to an attack that has already taken place.

Safeguarding against data theft and data breaches

The key is to ensure context-based access and complete visibility of the entire Hybrid IT platform of the business. Various silo controls have to be integrated with each other to enable real-time sharing of contextual information related to data and application access. Automation of the detection and response processes makes the operations and management of the security landscape faster and more capable.

Apart from the rethink of security tools and tech, there are some security best practices that all organizations should adhere to:

Preventing remote-workforce-related vulnerabilities: Across the board, organizations have reported a greater occurrence of cybersecurity risks since the switch to location-independent working. Thus, it is essential to have secure logins in place. We recommend adopting a cloud-based zero trust framework or opting for virtual desktops through which employees can safely access the applications and data necessary for their work.

No third-party apps: Unsecured or unverified third-party apps and devices pose the maximum risk. Therefore, access to the systems should be allowed only through pre-approved devices and apps which have adequate security measures and solutions installed or integrated.

No deviation from the company’s security guidelines: All employees should be regularly sensitized on threats and security policies/practices such as frequently changing passwords, keeping strong passwords and avoiding clicking on unverified links or emails. All it takes is for one employee somewhere to err and click on a phishing link and the entire organization’s systems can be compromised. Usage of social media and public communication channels for corporate communications should also be avoided.

Software updates: There is nothing more harmful than outdated software operating critical processes. Organizations should use remote cloud-based systems that automatically update to the latest software versions without any manual monitoring or effort. Such a system would automatically update even the remote devices used by work-from-home employees.

Data backups: Sensitive organizational data should never be stored in a single place. You can either choose cloud-based remote storage or take data backups that are stored at multiple locations which are not connected to each other. That way, you can easily recover the lost data or resume operations if one segment of the systems or data storage units gets attacked by ransomware.

Monitor now and in the future

Today, the entire IT infrastructure has become perimeter-less, courtesy of remote working practices. Thus, it has become absolutely essential to monitor the entire landscape to manage security effectively. You don’t only need to watch over the data and applications, but also the user profile, device type and network used to access the organization’s systems.

Thus, we need to deploy proactive security tools which monitor and respond to threats and unusual activities on a real-time basis. Most of our client organizations are now demanding services that are integrated with features such as commercial threat intelligence, orchestration and automation, threat identification and alerts, and also regular analysis of the threat landscape and recommendations.

Such holistic and proactive 24/7 monitoring is going to be essential for all businesses operating in the digital ecosystem in the times to come.
