The past 12 months have proved a challenging time where enterprise security is concerned. Having pressed the fast forward button on digital transformation in response to the impact of Covid-19, businesses of every size now need to defend a multitude of cloud platforms, digital customer interaction and remote workforce channels. So it’s no surprise that IT security represents a top board concern.
The rapid pivot to digitalisation triggered by the global pandemic created a wealth of unmissable opportunities for cyber criminals and threat actors everywhere. So much so that last year proved a record breaker in terms of volume, scale and sophistication of cyber-attacks perpetrated against companies, government organisations and individuals.
Yet despite predictions that global spending on cybersecurity will hit $55.7 billion in 2021, the challenges created by distributed IT and work-from-home models mean that nearly 80 per cent of senior IT leaders still believe their organisations lack sufficient protection against attack.
Defending the enterprise is a team sport
Not every problem can be resolved by technology alone. When it comes to maintaining cyber vigilance, it pays to train all employees accordingly. Giving end-users access to bite-sized learning that enables them to spot a phishing email, and to know when and why they shouldn't click on a link or open a document, represents a vital first line of defence for protecting the company's network and data.
Next, ensuring that those responsible for IT security are appropriately trained in how to implement best practice security guidelines and procedures will be critical. This should include ensuring that these people understand how to integrate preventative measures into day to day business processes and structures.
The mass shift to remote working has greatly expanded the cyber-attack surface and added to the list of vulnerabilities that attackers can exploit. Yet organisations continue to drag their feet when it comes to giving IT teams the expertise they need to push ahead with risk management programmes and strategies that minimise the likelihood and impact of a breach, whether that's deploying multi-factor authentication or implementing zero-trust security models.
The pursuit of the digital agenda has significant implications for how firms operate. So it stands to reason that IT security teams will need updated cybersecurity training in a whole range of category areas including cloud, IoT, open source, identity and access management, and more, if they’re to keep IT systems secure.
In addition to ensuring that IT teams are given access to the training they need, organisations can also bolster IT security by pursuing the following approaches:
1. Leverage security affinities
Many Dev and DevOps teams already view security as one of their primary responsibilities. So it makes sense to shift more security responsibilities into these teams rather than develop separate security roles. Development teams will benefit from undergoing DevSecOps fundamentals training that integrates security responsibilities into every role. Similarly, secure agile programming and agile training, combined with penetration testing fundamentals, will support teams as they extend their skills in this area.
2. Develop security champions across the business
Data integrity and confidentiality are critical to maintaining brand reputation, so helping key personnel develop their security champion skills, and building cross-organisational literacy in adversary tactics and techniques, will be key. For example, enabling security analysts to hone their understanding of system and information security controls and governance will help prepare the way for them to evolve into knowledgeable security architects who support business leaders as they evolve operational processes and practices.
3. Proactively identify potential attack threats and vectors
Public knowledge bases such as MITRE ATT&CK (Adversarial Tactics, Techniques and Common Knowledge) represent a rich resource for learning how attackers actually behave, since they tend to reuse techniques that have worked before. Mapping existing controls and detections to those documented techniques lets companies introduce security measures proactively rather than simply reacting to attacks. Gaining insight into the practices that invite intruders in will help organisations focus on the prevention measures and security principles that matter most, and ensure that time, effort and resources are spent where they will deliver the best results for risk mitigation.
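As an added illustration of what "mapping detections to documented techniques" looks like in practice (example code written for this page, not part of the original article or of MITRE's tooling): a small detector that runs over sshd authentication log lines and tags its findings with ATT&CK technique IDs. The log lines are constructed; the threshold, window and hostnames are illustrative assumptions. T1110 (Brute Force) and T1078 (Valid Accounts) are real technique IDs from the public ATT&CK matrix.

```python
"""ATT&CK-mapped brute-force detection over constructed sshd log lines.

Added example, not from the original article. The log sample below is
constructed; the threshold and window values are illustrative assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample in classic syslog format (syslog omits the year).
SAMPLE_LOG = """\
Jan 12 10:01:02 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jan 12 10:01:03 bastion sshd[2201]: Failed password for root from 203.0.113.5 port 51235 ssh2
Jan 12 10:01:05 bastion sshd[2203]: Failed password for invalid user test from 203.0.113.5 port 51236 ssh2
Jan 12 10:01:07 bastion sshd[2204]: Failed password for root from 203.0.113.5 port 51237 ssh2
Jan 12 10:01:09 bastion sshd[2205]: Failed password for root from 203.0.113.5 port 51238 ssh2
Jan 12 10:01:15 bastion sshd[2206]: Accepted password for root from 203.0.113.5 port 51239 ssh2
Jan 12 10:30:00 bastion sshd[2300]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Jan 12 10:30:04 bastion sshd[2301]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
Jan 12 11:00:00 bastion sshd[2400]: Failed password for bob from 192.0.2.9 port 40100 ssh2
Jan 12 11:20:00 bastion sshd[2401]: Failed password for bob from 192.0.2.9 port 40101 ssh2
Jan 12 11:40:00 bastion sshd[2402]: Failed password for bob from 192.0.2.9 port 40102 ssh2
Jan 12 12:00:00 bastion sshd[2403]: Failed password for bob from 192.0.2.9 port 40103 ssh2
Jan 12 12:20:00 bastion sshd[2404]: Failed password for bob from 192.0.2.9 port 40104 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)

# ATT&CK technique IDs attached to findings (real IDs from the public matrix).
T_BRUTE_FORCE = "T1110"     # Credential Access: Brute Force
T_VALID_ACCOUNTS = "T1078"  # Valid Accounts (attacker now logs in legitimately)


def parse_line(line, year=2021):
    """Parse one sshd auth line into a dict, or return None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "user": m["user"], "ip": m["ip"]}


def detect(log_text, threshold=5, window_seconds=300):
    """Return findings as a list of dicts.

    A source IP that produces `threshold` failed logins within a sliding window of
    `window_seconds` is flagged once as T1110; any later successful login from that
    same source is flagged as T1078, since the guessed credential is now a valid account.
    """
    recent = defaultdict(deque)  # ip -> timestamps of failures inside the window
    flagged = set()
    findings = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        ip, ts = ev["ip"], ev["ts"]
        q = recent[ip]
        if ev["result"] == "Failed":
            q.append(ts)
            while q and (ts - q[0]).total_seconds() > window_seconds:
                q.popleft()  # drop failures that fell out of the window
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                findings.append({"technique": T_BRUTE_FORCE, "ip": ip,
                                 "at": ts, "failures": len(q)})
        elif ip in flagged:
            findings.append({"technique": T_VALID_ACCOUNTS, "ip": ip,
                             "at": ts, "user": ev["user"]})
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

Run against the sample, the detector raises two findings for 203.0.113.5 (five failures in seven seconds, then a successful root login) and nothing for alice's single typo. Note the caveat the window introduces: bob's attacker spaces attempts twenty minutes apart and is never flagged with the default 300-second window, which is exactly the "low and slow" variant of T1110 that ATT&CK documents. Widening the window to a couple of hours catches it; that tuning decision is the kind of informed choice the technique descriptions are meant to support.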
4. Rethink and modernise development processes
With applications and APIs being developed much faster, often with low-code tooling, integrating security acceptance testing into the development process is now a must have. That's especially true when utilising third party APIs: an integration that forwards caller-supplied input to a vendor, or that forwards the vendor's response to a browser, can expose back-end systems and end users if it ships without appropriate security acceptance tests. Open source security testing tools and libraries, including machine learning (ML) based ones, make the assessment tooling that will be needed much easier to put in place.
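To make "security acceptance testing" concrete, the following is an added example written for this page (not code from the original article or from any named project). It shows a hypothetical endpoint that wraps a third-party order-status API in a deliberately weak "before" form beside its hardened "after" form, and a handful of acceptance checks that run against either handler with the vendor API stubbed out, so they can gate a build in CI. The vendor host, the `order_id` format, the handler interface and the fake upstream are all assumptions.

```python
"""Security acceptance tests for an endpoint that wraps a third-party API.

Added example, not from the original article. The endpoint, its interface
(query string in, (status, headers, body) out), the vendor host and the fake
upstream are hypothetical; the checks are what a CI gate would run.
"""
import html
import re
from urllib.parse import parse_qs, urlsplit

ALLOWED_UPSTREAM_HOST = "api.example.test"  # assumption: the one vendor we integrate
ORDER_ID_RE = re.compile(r"^[0-9]{1,12}$")   # assumption: numeric order identifiers


def fake_upstream(url, timeout):
    """Stand-in for the vendor API. Returns attacker-influenced data on purpose:
    a non-vendor host simulates an SSRF target, the vendor returns hostile markup."""
    if urlsplit(url).hostname != ALLOWED_UPSTREAM_HOST:
        return 200, {"leak": "internal metadata reached via SSRF"}
    return 200, {"status": "<img src=x onerror=alert(1)>"}


def vulnerable_handler(query, fetch=fake_upstream):
    """Before: caller may override the upstream URL, no timeout, output unescaped."""
    params = parse_qs(query)
    order_id = params.get("id", [""])[0]
    url = params.get("url", [f"https://{ALLOWED_UPSTREAM_HOST}/orders/{order_id}"])[0]
    _, data = fetch(url, timeout=None)
    body = f"<p>Order status: {data.get('status', data)}</p>"
    return 200, {"Content-Type": "text/html"}, body


def hardened_handler(query, fetch=fake_upstream):
    """After: fixed upstream host, validated id, bounded timeout, escaped output,
    and response headers that limit what the browser will do with the page."""
    params = parse_qs(query)
    order_id = params.get("id", [""])[0]
    if not ORDER_ID_RE.fullmatch(order_id):
        return 400, {"Content-Type": "text/plain"}, "bad order id"
    url = f"https://{ALLOWED_UPSTREAM_HOST}/orders/{order_id}"
    _, data = fetch(url, timeout=5)
    status = data.get("status") if isinstance(data, dict) else None
    if not isinstance(status, str):
        return 502, {"Content-Type": "text/plain"}, "upstream error"
    headers = {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": "default-src 'none'",
        "X-Content-Type-Options": "nosniff",
    }
    return 200, headers, f"<p>Order status: {html.escape(status)}</p>"


# --- acceptance checks: each returns True when the handler passes ------------

def check_no_ssrf(handler):
    """The client must not be able to steer the server to an arbitrary host."""
    _, _, body = handler("url=http://169.254.169.254/latest/meta-data/&id=42")
    return "leak" not in body


def check_output_escaped(handler):
    """Upstream-controlled strings must not reach the browser as live markup."""
    status, _, body = handler("id=42")
    return status != 200 or "<img" not in body


def check_security_headers(handler):
    status, headers, _ = handler("id=42")
    return status != 200 or (
        "Content-Security-Policy" in headers
        and headers.get("X-Content-Type-Options") == "nosniff")


def check_rejects_bad_id(handler):
    status, _, _ = handler("id=../admin")
    return status == 400


def run_acceptance(handler):
    """Run every check against one handler; a CI gate fails if any value is False."""
    checks = [check_no_ssrf, check_output_escaped, check_security_headers, check_rejects_bad_id]
    return {c.__name__: c(handler) for c in checks}


if __name__ == "__main__":
    print("vulnerable:", run_acceptance(vulnerable_handler))
    print("hardened:  ", run_acceptance(hardened_handler))
```

The checks never touch the network: the vendor is replaced by `fake_upstream`, which deliberately answers with the worst case (a reachable internal host, hostile markup in a field the UI renders). That is the design point of security acceptance testing for third-party integrations: the assertion is about what your code does with untrusted input on both sides of the call, not about the vendor behaving well.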
5. Optimise security for hybrid infrastructures
The unplanned push to remote working models created a raft of new challenges as IT teams turned to cloud solutions to stand up the access platforms needed to assure business continuity in the shortest time possible. Unfortunately, in the scramble to enable the collaboration workers needed and to launch new digital services for customers and partners, security concerns often played second fiddle. However, with remote working set to play a lasting role in how organisations keep workforces engaged in their day-to-day tasks, security guidelines and procedures for the hybrid infrastructure enterprise now need to be optimised. In this new hybrid world, organisations need to consider everything from server and datacentre security to network and data security, GDPR compliance, and hybrid cloud security. While the public cloud providers operate an extensive security infrastructure, they do so under a shared responsibility model: the provider secures the underlying platform, while the customer remains responsible for identities, configuration, data and workloads, so organisations still need to understand exactly where their responsibilities begin and end and where the security issues lie.
6. Risk evaluation
Regularly evaluating the organisation's ability to assess vulnerabilities and mitigate risks should become part and parcel of what organisations do. In terms of the areas to focus on, companies should ask themselves whether:
● They can assess the value of any assets and intellectual property that is potentially at risk
● Everyone in the organisation knows they share responsibility for cybersecurity
● They can mobilise their workforce to repel security attacks
● They are protected from the financial impact of ransomware
● A security incident that resulted in data compromise would undermine customer trust or market position.
IT security is a top priority for businesses in every industry sector, so ensuring that everyone is security aware when undertaking daily tasks or designing workplace operations is now mission critical. For IT specialists, organisations will need to dedicate time and resources to keeping these employees up-to-date with the latest issues, innovations, threats, and vulnerabilities in the underlying technologies. But giving other key teams the skills and know-how to build security and preventative measures into business processes and structures will also produce a more holistic security posture, one that is built from the ground up.