Why prevention is better than cure in security

The idea that prevention is better than cure is not solely relevant in the healthcare arena. In cybersecurity, the same principle holds true.

When it comes to defending against cybercrime, organisations around the world have drastically varying opinions and approaches. Some have highly sophisticated defences, ready to protect critical assets against even the most sophisticated of attacks. Others have little security structure in place.

Indeed, the latter approach simply isn't adequate in today's heightened threat environment.

64% of companies globally have experienced a cyberattack

It is estimated that 30,000 websites are hacked and 300,000 new pieces of malware are created worldwide every day. Additionally, 64% of companies globally have experienced at least one form of cyberattack to date. And cybercriminal activity has only continued to spike since the advent of the global COVID-19 pandemic.

The virus’s rapid spread worldwide resulted in widespread national lockdowns and the enforcement of stay-at-home orders. It forced organisations to transform into digital entities almost overnight. In the wake of this mass transition, digital footprints expanded drastically. It is a dynamic that has provided threat actors with a significantly greater attack surface to target.

The statistics speak for themselves. Hackers breached more than 20 million records in March 2021 alone, and between 9 March and 6 April 2020 more than 300,000 malicious domains containing coronavirus-related keywords were registered.

The financial implications of this shift are dramatic.

According to Cybersecurity Ventures, damages from cybercrime are predicted to reach $6 trillion annually by the end of 2021, double the $3 trillion recorded in 2015.

Indeed, much of the problem stems from the simple fact that many organisations are unprepared for modern day threats.

Remote and hybrid working models were turned to, in large part, out of necessity as opposed to choice. To continue operating successfully, companies had to quickly adapt and ensure working from home was possible for all employees.

Under such circumstances, security had to take a back seat. That is entirely understandable, but short-sighted. The pandemic is now largely understood and, in many cases, under control thanks to progressing vaccination efforts. Those organisations that are continuing to sustain their newly adopted remote, hybrid and cloud-based models now need to take the necessary steps to ensure they are operating securely.

Security malpractices adopted during the pandemic

In no uncertain terms, now is the time for companies to re-evaluate their security strategies to better protect themselves against both the greater volume and the greater complexity of threats.

Promisingly, Menlo Security’s latest report (based on a survey of 500-plus IT decision-makers in the US and the UK) shows that many organisations are willing to take this next step. While three in four of those companies surveyed unfortunately continue to rely on outdated solutions such as virtual private networks (VPNs) for controlling remote access to applications, the same number are also looking to improve their security strategies in the near future.

Given the challenges of VPNs, ensuring both effective and logical follow through on such intentions is critical.

While VPNs were a known entity before the pandemic, providing remote access to a limited number of people, their limitations were quickly exposed. When too many users rely on them as the gateway for remote access, they become overloaded, producing bottlenecked traffic and hampering employee productivity. More importantly for security, a VPN typically places the connecting device onto the internal network rather than granting access to one specific application, so a single compromised credential or infected laptop exposes far more than the application its user actually needed.

However, VPNs alone aren’t the only poor security practice that organisations have adopted during the pandemic.

Unmanaged devices pose a major threat to security posture

Equally, where companies were rushed into home working, many advised employees to use their personal devices for work purposes. It is a problem that remains prevalent among some today.

Indeed, Menlo’s latest survey reveals that 75 percent of organisations recognise that hybrid and remote workers accessing applications on unmanaged devices poses a major threat to their overall security posture. Yet, one in five still allow unmanaged devices to connect to corporate applications and resources.

Such poor, outdated practices create easy targets for threat actors, providing open doors through which they can infiltrate organisational networks using relatively simple attack methods.

Yet all is not lost. To reiterate, three in four organisations are seeking to improve their security strategies in the coming months.

With this in mind, it is vital that the right approaches are taken and the most effective preventative practices put in place, so that attempts by threat actors are thwarted and the need for security 'cures' is reduced or eliminated.

To achieve this, organisations need to move on from their outdated client-first approaches and instead make security the leading priority, so that it becomes a driving force behind business decisions rather than an afterthought. Vulnerabilities are then far more likely to be avoided in the first place, and mitigated where they cannot be.

An evolution of mindset is required: a move away from providing blanket connectivity to an entire network, and towards segmented access granted per application.

Successful prevention starts with zero trust and isolation technologies

To ensure this transition is successful, the adoption of zero trust is a must.

In essence, zero trust is a framework that requires every user, whether inside or outside the network, to be authenticated, authorised and continuously validated before being granted, and in order to keep, access to applications and data. Being on the internal network confers no trust by itself.

It is a far cry from traditional approaches that assume everyone already inside the network can and should be trusted. Defence no longer rests on the perimeter alone: each request is checked on its own merits.

With zero trust in place, many of the most infamous cyberattacks of recent times might well have been avoided, or at least contained.

SolarWinds is one example. A trojanised software update was installed by some 18,000 organisations, including many US government agencies and Fortune 500 companies, and once the attackers had that initial point of entry they were able to move freely within victim networks while remaining undetected.

Should a threat actor breach the perimeter, zero trust adds a further layer of resistance: every request for another application is checked afresh against the user, the device and the session, so it becomes far harder for attackers to move laterally, elevate privileges and succeed in their endeavours.
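As an added illustration of the per-application, continuously validated access model described above, here is a small policy check written for this page. It is example code, not a Menlo Security product or any real policy engine, and the application names, groups, posture signals and the eight-hour re-authentication interval are assumptions made for the demonstration. The `legacy_vpn_decide` function stands in for the perimeter model, so the two can be compared on the same requests.

```python
"""Per-application zero-trust access check, as an added example for this page.
Not Menlo Security code. Application names, groups, posture signals and the
re-authentication interval are assumptions made for the illustration."""
from dataclasses import dataclass
import time


@dataclass
class Device:
    device_id: str
    managed: bool         # enrolled in the organisation's endpoint management
    disk_encrypted: bool  # posture signal, re-checked on every request


@dataclass
class Session:
    user: str
    device: Device
    authenticated_at: float  # epoch seconds of the last successful MFA login
    mfa: bool


# Policy is written per application. There is deliberately no "network"
# entry: nothing grants reachability to everything at once. (Assumed data.)
APP_POLICY = {
    "payroll": {"groups": {"finance"}, "require_managed": True},
    "wiki": {"groups": {"staff", "finance"}, "require_managed": False},
    "git": {"groups": {"engineering"}, "require_managed": True},
}
USER_GROUPS = {"alice": {"staff", "finance"}, "bob": {"staff", "engineering"}}
MAX_SESSION_AGE = 8 * 3600  # seconds before re-authentication is demanded (assumed)


def legacy_vpn_decide(session, app):
    """Perimeter model, for contrast: once the tunnel is up the device is on
    the internal network, so every application is reachable and nothing
    about the user, device or session is re-checked per request."""
    return (True, "inside the perimeter")


def decide(session, app, now=None):
    """Zero-trust model: evaluate every request on its own merits and return
    (allowed, reason). Default is deny; any single failed check denies."""
    now = time.time() if now is None else now
    policy = APP_POLICY.get(app)
    if policy is None:
        return (False, "unknown application")
    if not session.mfa:
        return (False, "mfa required")
    if now - session.authenticated_at > MAX_SESSION_AGE:
        return (False, "session expired; re-authenticate")
    if policy["require_managed"] and not session.device.managed:
        return (False, "unmanaged device")
    if not session.device.disk_encrypted:
        return (False, "device posture failed: disk not encrypted")
    if not (USER_GROUPS.get(session.user, set()) & policy["groups"]):
        return (False, "user not authorised for this application")
    return (True, "allowed")


if __name__ == "__main__":
    t0 = 1_700_000_000.0  # constructed timestamp
    laptop = Device("laptop-01", managed=True, disk_encrypted=True)
    phone = Device("phone-77", managed=False, disk_encrypted=True)
    alice = Session("alice", laptop, authenticated_at=t0, mfa=True)
    alice_byod = Session("alice", phone, authenticated_at=t0, mfa=True)

    for label, sess, app, now in [
        ("alice, managed laptop -> payroll", alice, "payroll", t0 + 60),
        ("alice, managed laptop -> git (no entitlement)", alice, "git", t0 + 60),
        ("alice, personal phone -> payroll", alice_byod, "payroll", t0 + 60),
        ("alice, personal phone -> wiki", alice_byod, "wiki", t0 + 60),
        ("alice, managed laptop -> payroll after 9h", alice, "payroll", t0 + 9 * 3600),
    ]:
        print(f"{label}: vpn={legacy_vpn_decide(sess, app)} zero_trust={decide(sess, app, now)}")

    # Continuous validation: a posture change mid-session is caught on the next request.
    laptop.disk_encrypted = False
    print("alice after disk encryption is turned off:", decide(alice, "payroll", t0 + 120))
```

The point of the contrast is in the third and fifth requests: under the perimeter model a stolen session on a personal phone, or one that has been live for days, still reaches payroll because the tunnel is up; under the zero-trust check it is refused, and an attacker holding alice's session cannot pivot to git because she was never entitled to it.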

How can zero trust be achieved in the truest sense and with ease?

Here, Menlo recommends deploying isolation technology. It works by moving the point of execution for active web content away from the endpoint and into a disposable, cloud-based virtual container.

In essence, isolation creates a defensive barrier that stops web and email content from executing on the end device, closing off malware and phishing delivered through everyday tasks such as browsing the web or opening emails. It addresses that content channel specifically: attacks that arrive another way, such as the compromised software update in the SolarWinds case above or a stolen credential, still depend on the identity and access controls that zero trust describes.

It separates the enterprise network from the public web while using secure, low-latency connections so that the user experience remains acceptable.

Organisations are beginning to realise the importance of renewed cyber defences within remote, hybrid and cloud-based environments. Isolation paves a straightforward path towards zero trust adoption and can form the critical backbone of a strong security posture.

Indeed, it should be made a central pillar of any renewed security strategy.
