Using this year to empower positive security change
There is a reason it feels clichéd to start a post about the impact of the pandemic on cyber security, and it’s because it has had such an impact on the way companies view cyber risk, that so much has been written about it.
The people who used to sit next to you, make you a cup of tea, or steal your pen have taken digital form, appearing on Zoom, Slack or somewhere inside the sprawling Office 365 environment. Each one of them, overnight, became full-time digital risk points for the security team, shattering into a multitude of problems like light hitting a prism.
Because of this, it is down to cyber security teams to effectively mitigate these risks to ensure that, as opposed to limiting companies, they are empowering their workforce to embrace this forced digital transformation.
To try and understand the big picture issues at play, we spoke to 300 senior cyber security professionals, trying to unpick the themes, topics and issues at play.
Four clear topics emerged which, when addressed, can help drive positive security change through the security team and into the wider workforce.
- Cloud services. Cyber security in 2020 has been made more unpredictable thanks to the rise in use of cloud applications and services for remote working. In essence, more people accessing data at a greater distance from traditional policies, protections and controls has magnified the attack surface. Of those we asked, there has been a 50% rise in attacks such as Business Email Compromise, Account Takeover and phishing and whaling attacks. The three greatest areas of concern, as highlighted by those asked, were data loss, compromise of a cloud service provider and Account Takeover attacks. Get these challenges right and it can be a force multiplier for organisations.
- The importance of email security. If sensitive data squirrelled away in a server protected by semi-sentient algorithms is the motherlode, then email is the front-line. Always getting hit and continually at risk of an unexpected human failing– it is a toehold into the modern remote environment that must be removed, constantly. 86% of people questioned told us that these attacks were getting more sophisticated. With emerging techniques such as invoice fraud and ATO, it is no surprise that nearly half of all security teams questioned said they would be safer if they didn’t use email. Often, this requires going beyond the in-built protections in cloud solutions, such as Microsoft’s Advanced Threat Protection.
- Remote working culture brings certain inalienable truths linked to human behaviour that security teams will have to accept to enable effective remote working. People will be people. People will be people. Of the security leaders we questioned, 22% said their employees had been using streaming services while at work, while 34% had found employees using work credentials for personal accounts. This speaks to a wider problem that, as the world goes remote, work and home become further enmeshed, presenting numerous problems for security teams looking to put controls in place.
- All, the above provides an opportunity to adapt and put technology in place that is more relevant to the new threat landscape. Security transformation is not easy to perform but done correctly it can be a huge enabling force that empowers progressive ways of working and creates a more agile organisation. Traditional countermeasures may struggle to collect and analyse aggregate threat intel across modern cloud application platforms, for example.However, deploying a solution which has full combined visibility of all threat vectors can free security teams to be more proactive. Instead of having their head in a dizzying array of dashboards, consolidation can allow for the kind of proactive approach that puts the entire company on the front foot.
More specifically, given the importance of email security, teams should look to deploy a cutting-edge solution which takes a layered approach against emerging email attack techniques, such as targeted email fraud (e.g. business email compromise or CEO fraud).
With low volume, targeted email attacks becoming the norm, a solution is needed which helps you adapt to this and provides features such as bespoke policies around your CEO, CFO and accounts teams. This can be supported by implementing voice or video transaction checks to prevent high-value fraud.
Security teams should also consider using a CASB solution which allows for the implementation and management of policies in the plethora of cloud platforms now being used by the remote workforce. With a granular view of who is doing what and when, and controls to stop dangerous actions, malicious and risky activities can be mitigated and the benefits of cloud working embraced.
To secure the user access point to such applications, context-aware MFA is a great way of making sure only the right people have access to enterprise information. This enhances trust in your remote workforce and makes it far harder for an attacker to get inside your environment in the first place.
When seen as an opportunity, the paradigm shift of 2020 can be an empowering force, not just for security teams, but for entire organisations. Providing trust in new ways of working is crucial in helping businesses thrive in a challenging and changing work environment.