sb-nz logo
Story image

Network visibility is the crux of security in 2020

08 Oct 2020

Article by Gigamon A/NZ manager George Tsoukas.

The sharp and sizable increase in employees working from home in Asia Pacific, caused by the pandemic, has placed networks under greater pressure than ever before and inevitably has led to heightened cybersecurity risks.

The US National Cybersecurity Centre has reported that malicious actors are increasingly exploiting vulnerabilities in VPNs and other remote working tools, while government-branded scams relating to COVID-19 have been escalating.

Now, as companies plan for a return to the office and adjust business practices to accommodate a fluid workforce, they must keep cyber-risks front of mind.

Resilience sits at the heart of security, and there is a need for organisations’ architecture, processes and strategies to be more impervious to continue to ensure protection.

Complete visibility into the network is the only way for IT and security teams to achieve this, by discovering exactly what their environment looks like and reaping the benefits of faster threat detection and response, fewer blind spots and a clear view of all data-in-motion.

New tomorrow, new challenges

IT teams are under unprecedented pressure, bombarded with support requests from users striving to maintain productivity at home or smoothly transition back to the office. Also, with many workers using their own devices and connecting to company networks using personal WiFi connections or mobile data, attack surfaces have expanded, and vulnerabilities exacerbated.

That’s why, to safeguard these newly exposed environments and manage their increased workloads, IT and security pros need to have unobstructed visibility.

Employees working remotely have caused traffic to move from LAN to WAN and north-south traffic to grow, so IT and security must be able to inspect encrypted and unencrypted data to ensure awareness of any potential risks.

IT leaders should consider threat detection tools that are simple to deploy and quick to unlock security advantages. For example, a clear view of ingress and egress links, behind VPN concentrators, would empower Infosec teams to alleviate easily any threats that might arise from remote working.

Supporting a fluid workforce with budget uncertainty, if not outright budget reduction, is no easy achievement. It is possible, however, for companies to increase their security capabilities by up to 70% through removing duplicate traffic, filtering out low-risk application data and redeploying shelved or underutilised tools.

Due to the constantly unfolding situation, companies must be ready at all times to swiftly adapt their priorities and security tactics, so agility is fundamental. 

Crucially, by implementing innovative solutions and streamlining repetitive jobs, those defending hybrid networks against cyber-attacks will have more time and headspace to drive better security outcomes and greater remote control, as physical access continues to be a challenge.

Value of a zero trust approach

As many return to their offices or embrace a more fluid way of working, the vulnerabilities revealed by the remote working shift are still present.

‘Work anywhere, work anytime’ is becoming the norm, so network perimeters, already blurred by an increasingly complex infrastructure, are now almost impossible to define. 

Because of this, assuming that devices inside the perimeter are secure is not a viable option.

If implicit trust is no longer safe, then a zero trust approach can help to ensure protection in a period of uncertainty. Unsurprisingly, 67% of organisations that have not started their zero trust journey reportedly plan to do so this year.

Zero trust is about placing no trust in any element on the network, and scrupulously determining privileges based on observed behaviour before authorising access. This can be enabled only with complete visibility into the network: organisations can’t monitor and regulate what they can’t see.

Sadly, there isn’t a solution that businesses can purchase and deploy to adopt this security strategy. Zero trust isn’t a product; it’s a mindset, enabled by uncompromised visibility, which must transpire in all security practices to be effective.

It won’t happen overnight but, given the current situation, it’s fundamental that businesses unify and enhance their security efforts to safeguard their remote workforce.

While they grapple with how to optimise costs and maintain productivity at an economically testing time, IT teams also fight another battle: defending increasingly vulnerable networks, sheltering remote employees from growing cyberthreats and, ultimately, safeguarding their organisations.

Keeping up with changing circumstances and ever-morphing threats isn’t easy. However, with a targeted approach to driving network visibility, aided by modern tools and a zero trust architecture, IT and security workers are well equipped to overcome these challenges and emerge stronger.

Story image
IBM Security completes industry first with updates to Cloud Pak for Security solution
"With these updates, we will be the first in the industry to bring together external threat intelligence and threat management alongside data security and identity."More
Story image
Securing SAP to ensure better operational security
Securing information and systems is a process that needs to start long before these vulnerabilities are exposed to help limit potential risk and impacts, writes Acclimation managing partner Cameron Sherrard.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Report: Power utilities increasingly at risk of devastating cyber-attacks
“Utilities’ existing systems are becoming increasingly connected through sensors and networks, and, due to their dispersed nature, are even more difficult to control.”More
Story image
CrowdStrike targets Zero Trust blind spot with new offering
CrowdStrike has officially launched CrowdStrike Falcon Zero Trust Assessment (ZTA), designed to aid in overall security posture by delivering continuous real-time assessments across all endpoints in an organisation regardless of the location, network or user. More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More