Rethinking cybersecurity strategies to protect the anywhere workforce

In his latest article, Rick McElroy, Principal Cybersecurity Strategist, VMware discusses the report identifying trends in hacking and malicious attacks. As well as looking at the financial and reputational impact breaches have had and how organizations are adapting their security and infrastructure to deal with the challenges of a distributed workforce and evolving their defences to make security intrinsic to infrastructure and operation.
In his latest article, Rick McElroy, Principal Cybersecurity Strategist, VMware discusses the report identifying trends in hacking and malicious attacks. As well as looking at the financial and reputational impact breaches have had and how organizations are adapting their security and infrastructure to deal with the challenges of a distributed workforce and evolving their defences to make security intrinsic to infrastructure and operation.

It’s time for security teams to switch gears. We’ve reached a pivotal point in the history of cybersecurity where externally generated change has delivered a mandate for the industry to think differently and fundamentally alter our approach. The remote work environment is here to stay, so we need to assimilate what we’ve learned and devise a roadmap that will allow us to protect the anywhere workforce proactively. It’s a once-in-a-generation opportunity, so the question is, where should cybersecurity strategists focus as we set a course for the years ahead?

To answer that question, VMware surveyed more than 3,500 senior cybersecurity professionals to understand the current threat landscape and the past year’s impact. The insights we uncovered show a cybersecurity environment where malicious actors have thrived and attack volume and sophistication have escalated. Moreover, as entire industries pivoted to working remotely, breaches were the inevitable result. Here is what we learned, and what we believe security leaders need to do next.    

Visibility is (still) everything – prioritize gaining oversight of the distributed network

The anywhere workforce has created a visibility problem. The volume of attacks has increased for three-quarters of global organizations, and 78% say they saw more attacks due to increased remote working. However, the true scale of attacks is hard to discern as defenders can’t see into the corners where personal mobile devices and home networks have been grafted on to the corporate ecosystem. On top of this, the risk posed by third party apps and vendors has increased the number of blind spots.

Consequently, cybersecurity teams need contextual oversight and better visibility over data and applications – in fact, 63% of the professionals we surveyed said this was important. A key priority must be gaining visibility into all endpoints and workloads across the newly defined and highly distributed ‘work from anywhere’ network. This network looks and behaves differently from past ones, so familiarising teams with its quirks and vulnerabilities is critical. Robust situational intelligence is needed so teams understand the context of what they’re looking at and have confidence that they are remediating the risks that matter.

Prepare for ransomware attacks

Familiar TTPs saw a resurgence last year and none more so than ransomware. It was the joint top cause of breaches among the organizations we surveyed, and our threat intelligence unit saw a 900% spike in attacks during the first half of 2020. Attacks have become multi-stage as attackers focus on gaining undetected access to networks, exfiltrating data and establishing back doors, before launching ransom demands.

To tackle this resurgent issue and avoid falling victim to repeated attacks, organizations need a dual approach that combines advanced ransomware protection with robust post-attack remediation to detect the continued presence of adversaries in their environment. This means committing resources to threat-hunting while also hardening the common attack channels, such as email, which remains the most common launch point for ransomware attacks.

Close the gaps in legacy technology and processes

The switch to remote working exposed weaknesses in security technology and processes, which subsequently led to breaches. Organizations that had not yet implemented multi-factor authentication found that remote workers could not securely access corporate networks without introducing significant risk.

Now that remote working has become a permanent feature; security teams have a strong mandate to demand strategic investment to close those gaps between their current security environment and what is needed to protect the workforce.

Rethink security and deliver it as a distributed service

The top cause of security breaches among our surveyed organizations was third party applications, underlining the endemic security risk in the extended enterprise ecosystem. This, together with the distributed environment, reinforces the need to rethink security approaches.

Fundamentally, the security problem has changed. While this change has been underway for some time, as demand for mobility and flexibility has fractured the corporate perimeter, the past year’s events have obliterated it entirely. Gone are the days when IT is focused on securing company-owned desktops for employees working on campus, connecting to corporate applications running on servers in a company-owned data centre. Today, remote workers are connecting to applications running on infrastructure that may or may not be managed, owned, or controlled by the company. 

With so many new surfaces and different types of environments to defend, endpoint and network controls must be highly adaptable and flexible. This means organizations must deliver security that follows the assets being protected. For the majority, this means turning to the cloud.

Cloud-first security comes with a cautionary note

The shift to a cloud-first security strategy is universal in the drive to secure the cloud-first environment. Nevertheless, this shift brings its own challenges. The cloud is not a security panacea and controls must be vetted by organizations because if adversaries want to attack at scale, the cloud is the place to do it. In fact, cloud-based attacks were the most commonly experienced attack type reported globally. Adversaries are prepared to piggyback on companies’ digital transformation, and it is certain that we’ll see more sophisticated cloud attacks over the coming year.

READ MORE:

The last year has shown just how important cybersecurity is to the resilience and continuity of businesses worldwide. With this rise in profile, the industry is in a strong position to take this once-in-a-generation opportunity to move beyond the siloes of legacy approaches and roll out strategies where security is unified, context-centric and intrinsic. 

For the data behind the insights, read the full VMware Global Security Insights report here

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...