Over the past year, the threat landscape has changed dramatically, and as organizations shift to the ‘new normal’, they must also adapt their approach to cybersecurity. In many cases, businesses are moving back from remote working to a more hybrid set-up. One of the threats we’re expecting to be particularly prolific in this new landscape is the insider threat – one which originates inside the organization’s network. Insider threats can be a product of either malicious behavior or unintentional human error, by anyone from a current or former employee to a consultant or third party.
About the author
Adam Philpott is EMEA president at McAfee Enterprise.
One factor in this high risk is that the actors sometimes don’t even know they’re doing it. For example, a breach could stem from something as innocent as bringing an infected device or document into the office after working remotely, or sharing sensitive information with their personal, yet unsecured, accounts.
How can businesses effectively pivot their cybersecurity strategy to adapt to the ‘new normal’?
A hybrid workforce means that many employees will continue working remotely to some extent, and in many ways, the cybersecurity risks to businesses are heightened. For example, in this new normal we can expect to see increasingly blurred lines between online activity on corporate and personal devices from staff adjusting to working both remotely and in the office. As such, it’s important that businesses are doing all they can to provide staff with a secure and efficient method of accessing internal apps in the public cloud or data center – no matter where they are. Essentially, they need to set up and enable secure ‘work from anywhere’ practices.
Educating the workforce is also key to maintaining a secure environment for employees and keeping cyber attackers at bay. Employees need to be educated on best practices when it comes to cyber hygiene and adopting a zero trust mindset. Something as simple as questioning a link that looks suspicious and reporting any activity they’re unsure of could mean the difference between a malicious actor being able to access an enterprise’s network or not.
Organizations should also consider deploying extended detection and response (XDR) security capabilities which incorporate risk intelligence. This will provide them with the ability to prioritize threats, predict which malware campaigns will be launched against them and pre-emptively improve their defensive countermeasures. Given the huge rise in cyber threats we’ve detected over the past year – at the end of last year our researchers detected 648 threats per minute, a figure which is only set to rise – taking these pre-emptive measures is essential.
Why is a zero trust mind-set important as businesses enter this new phase of working?
Given the increase we’ve seen in cloud use over the past year or so, a Zero Trust mind-set has never been more important. This is where organizations don’t trust anyone when it comes to security, both outside and inside their networks. It provides a more comprehensive approach to IT security and network defenses, allowing organizations to tighten access controls on networks, applications, and environments without sacrificing performance and user experience.
For example, our McAfee research showed that enterprise cloud use increased 50% between January and April 2020 alone. Though essential for efficient business operations and enhancing innovation, increased cloud use can also make it more difficult for IT teams to identify who and what can be trusted within a network if the right security is not in place. This is where a Zero Trust mind-set comes into play, as it allows teams to reduce the risk of their cloud and container deployments, while also improving governance and compliance.
What are the benefits of a collaborative approach to cybersecurity in keeping businesses safe?
The collaborative approach is by no means a new way of thinking in the security industry. In fact, the industry has a history of sharing threat intelligence and new learnings to prevent criminals quickly gaining the upper hand – as criminals themselves regularly collaborate and share their most successful attack methods. However, as we begin to adapt to ‘the new normal’ and a more hybrid work environment, collaboration is no longer a choice. As many as 88% of data breaches are believed to be caused by human error – and not just error originating in the IT team. Therefore, the shared responsibility model has now become a necessity for businesses. The model involves a layered defense in which organizations address each part of the “stack of responsibility” individually, yet the parts all interact together as a complete framework.
While IT must play its part, end users must also watch out for suspicious links, change their passwords regularly and generally follow good cyber hygiene practices. Ultimately, the collaborative approach enabled with the shared responsibility model guarantees more transparency and accountability, which is key for ensuring best practice in the industry.