When 50% of users work remotely, it takes organizations 58 days longer to identify and contain a breach. The longer it takes to contain, the more costly the breach, according to IBM.
Big data unleashed equals big problems. With data accessible from virtually anywhere and all the time, IT leaders are faced with scaling security in an IT environment that essentially has no boundaries. Under hybrid work models, data resides wherever the endpoints and users are, and that puts assets in unmanaged locations beyond the control of the IT team. This trend, summarized in a Nemertes Research white paper, has been exacerbated by the pandemic: Most architects think of the corporate WAN as connecting inside-to-inside: in other words, premises-based users (workers in offices) to premises-based resources (applications running in data centers). That’s not only inaccurate in these pandemic times, it’s been inaccurate for a long time. In early 2020, Nemertes research studies found that just 38% of all WAN traffic was inside-to-inside. The remaining 62% was either: outside-to-inside (WFH workers connecting to premises-based resources), inside-to-outside (on-premise workers connecting to the cloud), or outside-to-outside (WFH workers connecting to the cloud). Compounding all this complexity: big data will only get bigger.
It’s difficult to attain zero-trust for mobile phones and supply chains. While zero-trust has become a leading security strategy, it isn’t always possible in every scenario. Mobile devices and any uncontrolled hardware create obstacles that the security industry has not yet overcome. Simply put, it’s because of supply chain-based attacks. It all goes back to the device manufacturers who must defend their hardware, microchips, and software from attackers. But it’s a nearly impossible defense job. No security technology exists today that can effectively protect against supply chain attacks targeting the software or hardware suppliers themselves, and zero-trust fails to evaluate the user device at the hardware and source-code level. On a more positive note, zero-trust can verify user identities until the sun goes down, but those checking functions don’t go deep enough to identify the underlying threat. Thus, mobile device security will be compromised until zero-trust reaches ground zero.
New technologies make attacks easier. Technology innovation cuts both ways, benefiting companies and criminals. This helps explain why cyber criminals are doubling down on their efforts to both profiteer from and disrupt hybrid businesses. New AI-based technologies like deepfakes and GPT-3 can be used to target and automate attacks. Additionally, Microsoft 365 is continually targeted by bad actors who can evade detection with just a few clicks. Ransomware has increased 148% or more year over year, and cryptocurrency makes it worse.
Ensure all remotely connected devices have advanced endpoint detection and response solutions and are actively monitored 24/7.
Protect data in cloud-based environments via security access policies and monitoring technologies.
Invest in monitoring tools that have visibility into all access points in and out of all environments.
Deploy security orchestration, automation, and response capabilities to streamline detection and response.
Adopt a Zero Trust security framework to prevent unauthorized access to critical data.