Cybersecurity is facing a crisis. After millions of workers worldwide were forced to work from home, a host of cybersecurity problems rose to the surface. With lockdowns taking place within as little as 24 hours, business, IT, and security functions were caught off-guard and major security gaps were exposed. Amid the chaos, one thing has become clear: organizations need to adopt a new approach to security if they are to thrive in the “new normal”.
Across business, the spotlight is on cybersecurity like never before. We surveyed the market to better understand what security practitioners worldwide think about the implications of the distributed workforce, and the results are surprising. This analysis is shared in full in our new report. Ultimately, we found that current security practices are not keeping up with the changing security landscape. Decentralized change management processes, inconsistent cloud and network configurations, massive fragmented networks, and an exponential rise in vulnerabilities have created the perfect storm. Based on our survey results, it has become obvious that what was once ‘good enough’ in the pre-pandemic era will no longer suffice.
Security is on a knife-edge
Chief information security officers (CISOs) know that they are always a few missteps away from disaster. Our research revealed that 73% of C-level security and IT executives are concerned that new vulnerabilities and exposures have been introduced by remote workers. This concern is well placed. The rapid expansion to cloud and accelerated growth of IT assets, together with a severe shortage of security personnel, has left organizations struggling to deal effectively and proactively with potential attacks that could significantly damage their business and reputation.
These issues are compounded by limited network visibility. The research uncovered that only 11% of executives are very confident in their ability to maintain a holistic view of their organizations’ attack surfaces. Without visibility, and without contextual insight into vulnerabilities and assets, new risk could be introduced. More than that, it’s impossible to track any unauthorized access paths created by remote employees without visibility – something that 70% of C-level executives are at least moderately concerned about.
Fears about new vulnerabilities, exposures, and risk are being stoked by an ever-evolving threat landscape. The sophistication of hacking techniques is growing by the day, as are threat actors’ confidence that they will be successful in their attempts to gain ransoms. Analysis from the Skybox Research Lab found that the creation of new ransomware samples increased by 72% over the first six months of 2020,[1] and the World Health Organization (WHO) has reported a five-fold increase in cyberattacks during 2020.[2] Bad actors are fully aware of how important it is for businesses to maintain continuity during the current crisis and are energized to take advantage of any weaknesses. To address this, security transformation is necessary.
Old habits die hard – cybersecurity needs to establish its own new normal
It’s time to abandon old ways of working. Specifically, it’s time to move away from detect-and-respond tactics. Before the pandemic, security practitioners were already struggling to detect every threat that reached the far edge of their outsized network perimeter and were failing to respond quickly enough. Now, following the events of this year, the flaws in the methodology have been fully exposed. Organizations have too much to manage. Leading CISOs know this, which is why they are actively developing proactive capabilities that will better enable them to prevent threats.
Security in the new normal will be defined by prevention. This can only be achieved with visibility, context-rich insights, focused automation, and data integration across the entire fragmented estate. For some, getting there won’t be straightforward: it requires a change in mindset. But while old habits die hard, an organization’s reputation will die harder if it experiences a breach.
The new normal presents a great opportunity for security to evolve. As the dust settles, we are going to see the emergence of stronger, more resilient security programs. Forward leaning CISOs are focused on developing holistic views of their fragmented environment. When they achieve this, they will be able to see the bigger picture and limit opportunities for increasingly-energized threat actors. They will also gain confidence in their ability to avoid regulatory fines, significantly limit the chance of falling foul to a data breach or ransomware attack, and be able to make better use of stretched resources. We’re not just approaching a new normal – we’re also on the verge of seeing the emergence of a new and improved security model.
For more insight into the long-term security implications of managing a distributed workforce, read Skybox’s new research paper – Cybersecurity in the New Normal: Securing the distributed workforce and remote operations.
[1] Vulnerability and Threat Trends Mid-Year Update, Skybox Security, July 2020
[2] World Health Organization, April 2020
