The dynamics of the cybersecurity landscape have changed since the onset of the pandemic, especially with the adoption of the hybrid work model, according to a technology company executive.
“Cloud, hybrid, and remote work models have changed traditional perimeter networks to a boundary-less architecture. Though this architecture has offered workers more flexibility and convenience while enhancing productivity, it has complicated the IT security landscape,” ManageEngine director of program management Manikandan Thangaraj says in an email interview.
ManageEngine is the IT enterprise management division of Zoho Corp., an Indian multinational technology company behind Zoho Office Suite.
Thangaraj says the adoption of bring-your-own-device policies and the use of virtual private networks to access sensitive files have opened new security gaps in an organization’s network.
“Attacks that exploit vulnerabilities in remote protocols have given rise to these new-age attacks. Moreover, cloud adoption has led to perimeterless networks, and legacy security solutions have been unable to tackle these changes,” he says.
Security vendors recognized these changes in cybersecurity dynamics and enhanced their solutions to help enterprises adopt security technologies such as Zero Trust and orchestrate with other IT infrastructure components for better security visibility.
“These modern security solutions integrated with ITSM software, network monitoring tools, identity and access management infrastructure and business intelligence tools speed up the incident detection and resolution process,” he says.
Thangaraj says integrating ITSM software with remote monitoring tools allows organizations to get a handle on securing their networks. These tools can create unique support plans that help IT security teams respond swiftly and assuredly in the face of any cybersecurity incident, he says.
Customer data
An important company asset that is heavily under threat is data. Thangaraj says the first step to protecting customer data is to know where it is located. With data loss prevention solutions, IT teams are able to discover confidential data including personal identifiable information or intellectual property residing across the network. Once organizations have visibility on their sensitive data, the next step is to implement controls to monitor and secure access on multiple levels, he says.
Complying with different regulatory mandates is the best way to start implementing stringent data security and access policies. For instance, enterprises that handle customer data from the Philippines should comply with the Data Privacy Act 2012 (Republic Act Number 10173). Meeting the requirements of this mandate means that organizations should establish security measures to avoid unauthorized processing of sensitive personal information such as race, health records and social security numbers. Organizations are advised to collect only the data that is necessary for their operations and abstain from using it for any other purposes, he says.
After establishing strong security measures, organizations should add context to past security events to proactively detect and mitigate future attacks. Adopting an integrated approach where data protection, compliance management, cloud security and threat management are streamlined will build an efficient safety net for any organization to thrive in the digitally-transformed world, according to Thangaraj
Democratizing cybersecurity
He underscores the importance of democratizing cybersecurity to create a culture where the defense of the IT landscape is the responsibility of everyone—from executives to general staff. This relieves pressure from IT teams, allowing them to focus on tasks that bring more value to the business, while also strengthening the organization’s cybersecurity posture.
He says that for employees, this can be as simple as creating strong passwords or updating software as required. Performing these best practices consistently can encourage the proliferation of a cyber-secure culture that boosts the organization’s ability to achieve business goals.
Thangaraj says leaders should make cybersecurity an integral part of the organization’s strategy. Aligning cybersecurity with the organization’s policies can lead to better social media practices and digital hygiene. Training users in how to best respond to cybersecurity incidents and rewarding good cybersecurity behaviors will empower employees to take an active role in protecting their organization, he says.
Evolving threat
He confirms the presence of sophisticated and rapidly evolving cybercrimes today. Staying ahead of the ever-evolving threat landscape can seem like an insurmountable task, but solutions like AI-driven predictive analytics and advanced threat analytics can update IT teams on new security threats and help them stay ahead of the security curve.
ATAs can correlate security logs with contextual data such as dynamically changing threat feeds to spot and block malicious entries, he says.
“Organizations should also future-proof their networks with security platforms such as security information and event management solutions and threat and vulnerability management software. These solutions are designed to help IT teams provide continuous monitoring of the devices connected to the network, even if they originate from outside traditional perimeters,” he says.
“They can also analyze risk based on age, number of assets affected, exploitability, and patch availability so that IT teams can easily prioritize their responses. Organizations must take a proactive approach towards cyber defense instead of a reactive response to cybercrimes,” he says.
Emerging trends
An emerging trend in enterprise cybersecurity is AI-driven remediation or the capability of machine learning to replicate human intelligence in powerful AI models that can uncover latent patterns in observed data and resolve incidents.
AI-driven auto remediation captures different states of a system by leveraging deep reinforcement learning technology and learns the best actions to take to resolve them.
Thangaraj says that despite the widespread use of machine learning in IT operations, understanding user decisions, identifying root cause issues and providing relevant recommendations to solve them autonomously are some of the capabilities still needed.
“To build adaptive abilities that can recommend appropriate remedial actions for root cause issues requires a blend of deep domain expertise and robust machine learning models. By leveraging historical tribal knowledge, AI driven remediation can bridge the knowledge gaps across an organization and help users understand and resolve issues quickly,” he says.
Another noteworthy trend is cloud access security broker and secure access service edge. A SASE platform such as Autonomous Security Engine offers a comprehensive approach to security, making it an attractive option for companies looking for a comprehensive security solution.
He says with CASB solutions, companies can easily control their cloud applications, which is beneficial for organizations whose primary concern is for the security of their cloud applications.
Enterprises needing an expansive approach to security may benefit more from SASE platforms. When it comes to security and networking integration, SASE is often the best choice as it simplifies and organizes security and networking management processes, he says.