As Europe gradually recovers from the virus’ first wave, businesses plan their return to the office and strive to rebuild and become stronger amid the economic crisis. The pandemic has undeniably impacted key business functions such as IT and security – what with remote working, pressurised network defences and cybercriminals exploiting the situation with COVID-related scams. Infosec teams were tasked with overseeing this migration while protecting organisations from new, unknown threats – and, in many cases, have done so successfully. However, security incidents have increased as a result of WFH, making resilience and operational continuity a business-wide priority over the coming months.
Now, with companies expecting 50% of their staff back in the office by September, this new flexible approach to work is set to complicate networks further. The way to secure these intricate environments is having a clear, unclouded view of what goes on there – ensuring constant awareness of possible threats and enabling prompt defence, should attacks take place. Only then will employees be empowered to work safely, wherever they are, maintaining security across the business.
Adapting to an evolving situation
One of the most destabilising aspects of this year’s events is the speed at which the workplace drastically changed: companies had to quickly change gears to manage and protect a workforce that became remote overnight. Businesses, many of them unprepared for this shift, saw employees suddenly access company resources with their own unsecured devices, or use company laptops with personal WiFi connections. This made corporate networks infinitely more complex, broadening the attack surface and increasing risks. Now, with staff transitioning back to the office, or working flexibly between business premises and their homes, network traffic will constantly and unpredictably switch from LAN to WAN and back, making monitoring and control even more difficult than with a permanently-remote workforce.
Now more than ever, IT and security teams must have uncompromised visibility across the network, to ensure all traffic is analysed and potential threats spotted, regardless of employees’ changing work locations. Because it’s hard to predict how things will evolve – whether remote working will be enforced again, or what cyber-risks will arise – organisations must strive for resilience and be prepared to quickly adapt their security approach. When devising their strategies in these uncertain times, businesses should seek threat detection solutions that can be easily installed and that can rapidly improve security outcomes and generate ROI, thereby driving agility and cost-efficiency.
Enhancing visibility and security on a budget
As revenues shrink due to the crisis, companies are forced to resolve unprecedented problems on a tight or reduced budget. In a new tomorrow where customer demand can drop unexpectedly due to global events, working with optimisation in mind is fundamental. When it comes to network monitoring, there are ways to drive cost-efficiency while ensuring threat protection – for instance, eliminating duplicate traffic and data from low-risk applications. Due to limited resources and cautious policies aimed at retaining profits, companies are currently unable to invest in new solutions to battle new challenges – instead, they can redeploy unused network monitoring tools to make the most of existing assets.
Optimising resources also means using employees’ time and energy more efficiently: with teams overwhelmed by IT requests from remote and fluid workers, technology must be leveraged to speed up repetitive jobs and improve results. These measures combined can enable significant cost savings and enhance security capabilities by up to 70%. At a time where cyberthreats are fierce and ever-changing, this can be of vital help.
Embracing new strategies
All periods of crisis, while causing unwelcome disruptions, can be an opportunity for evolution and positive change. For example, defending company networks in an entirely new cybersecurity landscape requires rethinking traditional approaches to security and adopting innovative methods. The unpredictability of fluid working – with staff cooperating remotely from virtually anywhere, with whatever device or connection is more convenient – means networks with a defined perimeter are now ancient history. Therefore, considering assets “safe” just because they sit within the network can be incredibly risky – in other words, no user should be granted implicit trust.
That’s why many organisations are finally abandoning privilege-based access management methods, unsuitable to secure the modern digital workplace, and are embracing a Zero Trust framework, in which access to resources is given based on user behaviour. Gathering and analysing the necessary information is only possible by thoroughly monitoring all network traffic – you can’t monitor what you can’t see, so at the heart of a ZT architecture is complete network visibility.
No one expected this year to be as testing as it has been so far and few organisations were prepared for the financial difficulties, IT issues and security threats created by this new norm. The road ahead is challenging to say the least but, with network visibility as the cornerstone of their cyber-strategy, organisations can to optimise investments, adapt agilely and ensure protection in the next phase of the pandemic and beyond.