Contributed by: Daniel Chu, Director of Systems Engineering, Asia Pacific, ExtraHop
It’s probably safe to say we’re all happy to see the end to a disastrous 2020. While a mass vaccination programme that may herald the return of life as we knew it, BC – Before Covid – is under way in many countries, the pandemic has changed the way businesses operate here and around the world. In 2020, the power of technology came to the fore as countries locked down to halt the spread of the virus and companies turned to digital tools and technologies to help them continue to service their customers.
With the rise in cyber crime in the past year, it has become starkly apparent that there is an extraordinary threat to the viability and profitability of an organisation that comes with cyber-compromise or attack. Not only that, Gartner predicted that by 2023, 75 percent of organisations will restructure risk and security governance to address the widespread adoption of advanced technologies, an increase from fewer than 15 percent today.
Businesses should constantly review their security posture, and continuously look for ways to strengthen defences. The process of whether to invest in new technologies to help detect and respond to attacks is complex. Organisations may think that they already have the necessary tools on hand, but as attack methods evolve so should your solutions to stop them.
Here are three big picture security lessons that will serve businesses well in 2021 and beyond.
Business continuity planning needs to be practiced
Was your business able to keep calm and carry on in 2020, even as government lockdowns and volatile economic conditions put paid to your best laid plans? The COVID crisis represented an extraordinary test for continuity planning which found many enterprises wanting. IDC’s latest COVID-19 Impact on IT Spending Survey indicates increasing challenges across enterprises due to expected decrease in employee productivity, as well as difficulty in addressing business issues, cybersecurity and privacy. If yours was one of those left scrambling to respond, a continuity planning check-up may be in order – but rewriting business strategy to include a chapter on pandemics isn’t the way to go.
Enterprises that are on the fence on whether they should start to rethink their digital strategy need to begin having discussions on how to adapt to the future of remote work. Building resiliency in the face of change such as a sudden shift resources should be the end goal. A continuity plan broad enough to cover a gamut of events, from a ransomware attack to supply chain attacks includes ensuring businesses have the resources needed to respond to change. It’s advisable to run test scenarios to understand if your IT teams have the right policies and procedures in place.
Legacy systems need to be monitored
IT organisations need to pause and reflect on why and how their teams still rely on legacy applications. While there may be a host of reasons why legacy protocols and solutions remain in use, they can represent a happy hunting ground for hackers. The pandemic has accelerated cloud adoption for many organisations by quickly moving to shift applications to modern platforms using containers and microservices to improve business continuity and resiliency. As they make the shift, businesses will want to take advantage of their network data to monitor applications during migration to the cloud. Network data provides a ground source of truth for complete visibility to monitor hybrid networks during cloud migration and is critical to ensuring businesses can detect and respond to threats no matter where the application sits.
If migrating to the cloud isn’t on the agenda in the short or even medium term, businesses should look to network data to monitor applications in the data center to understand the behavior for who and what should be accessing applications.
CISOs belong in the C Suite
2020 will go down in the annals not only as the year of the pandemic but also as a wake-up call for the lengths attackers will go to execute extremely advanced attacks. A surge in malicious online activity – think supply chain attacks, ransomware, phishing and spear phishing campaigns – hammered home the fact that cyber-crime is an extraordinary threat and one that’s not going away any time soon. Chief Information Security Officers (CISOs) play a vital role in assessing risk, formulating defences, educating employees and advocating for the resources they need to protect the enterprise from attack. They can do so far more effectively from a position of prominence than from the back room. Elevating the CISO role within the organisation by providing a seat in the boardroom and a permanent spot in the C suite – should be an imperative for any business that is serious about security.
Making enterprise safer in 2021 and beyond
Moving forward, businesses will find themselves regrouping and rebuilding along the way. As part of this process, it is important to prioritise cybersecurity, and assume you will be compromised as part of your strategic planning. Network detection and response provides a missing link to use the value of network data to gain unprecedented visibility inside the network (east-west), understand how the hybrid network should function and detect and respond to abnormal behavior, like lateral movement, inside the network. 2021 is a chance at a new beginning – businesses that prioritize network data as an essential component to protect their most valuable data will be better equipped to tackle the challenges and opportunities that lie ahead.