Blog

See Around Corners to #BeCyberSmart

Gidi Cohen, CEO and Founder, Skybox Security October 21st, 2020

October is Cybersecurity Awareness Month, and the overarching theme for this year is “Do Your Part. #BeCyberSmart.” The objective behind this message is to encourage organizations to take ownership in protecting their employees, customers and stakeholders. But this is much easier said than done. The disruption this year has made cybersecurity more complex than ever.

Before 2020, organizations were already investing in new applications, technologies, and cloud-native solutions to optimize operations, gain competitive advantage, and maximize growth. Due to the pandemic, these digital transformation initiatives have greatly accelerated to support a distributed workforce and remote business operations. Businesses have rapidly moved additional workloads to the cloud, deployed new technologies, and reconfigured their corporate networks. As a result, some processes needed to be deprioritized, and they are now facing an expanded attack surface and a greater volume of exposed vulnerabilities.

Security teams have been under significant pressure this year to secure a greatly expanded distributed workforce.  This situation has been exacerbated due to previously existing challenges: a widening cybersecurity skills gap, increasing complexities, and limited visibility into their entire fragmented estate. Compounding this is the inherent truth that organizations are working with ineffective and inefficient security operations. With a 34 percent increase year-over-year in vulnerabilities, and a 72% year-over-year increase in new ransomware samples (source: Vulnerability Threat Trends Mid-Year Report, Skybox Security, July 2020), simply working faster is not the answer.  However, in order for security teams to work smarter, they need insight to make informed decisions and prioritize accordingly.

However, security teams currently lack the contextual data that’s necessary to effectively reduce the cyber exposure of the attack surface in the face of rapid change. Because of this, they are overly-reliant on reactive security measures that are not designed to stay in front of the current volume of new incidents and vulnerabilities. And with the threat of severe fines hanging over their heads at a time of global economic uncertainty – the average cost of a data breach in 2020 estimated to be $3.86 million, with average cost of noncompliance estimated to be $14.5 million (source: Ponemon Institute) –  there is a clear impetus to change the status quo.

To #becybersmart, organizations need to have network-wide context that allows the security function to #seearoundcorners and act proactively.

  • Security changes are being made blindly

Many security teams entering the challenge of the pandemic were faced with the daunting challenge of making many changes with an incredibly outdated and inefficient change management process.  In many cases, this entailed using excel spreadsheets to submit and approve firewall changes.  This manual approach lacks the governance of confirming that changes are reviewed, planned and approved correctly and does not include a closed-loop process to ensure that the implemented change matched the intent of the change request.

In the scramble to quickly implement policy and rule changes, many security teams lack the visibility into their network topology and configurations to accurately determine and implement the necessary changes to achieve the desired business goals. In their efforts to enable their distributed workforce and secure their perimeter, they could have actually been unknowingly introducing new risk.

The reality for many is that they’ve been blindly applying changes without proper assessment of impact on cyber exposure. In many cases, this leads to new vulnerabilities being exposed, and systemic risk being introduced across the organization. This is particularly problematic considering 91% of enterprises (source: VMware, 2020) have reported an increase in cyberattacks over the course of the pandemic.

  • Change management needs context

Traditional approaches to change management – treating each change manually and on a case-by-case basis – are now unmanageable. With a limited number of human resources, and compressed change cycles, these changes bring about an increased level of risk.  Limitations of manual-led processes have been known for years – 95% of all breaches are due to human error (source: IBM, 2014)- but the pandemic has put a finer point on this issue.

The ‘new normal’ requires more agility and change than ever before.  As such, organizations need to rethink their long-held practices. Where automation was once a nice-to-have, it is now a must have. Where network visibility was once considered an aspiration, it is now a necessity. Where security teams could rely on antiquated change management capabilities, they now need to modernize.

To ensure security policy changes are adequately analyzed and properly deployed without introducing new risks, organizations need context-aware change management that coalesces the decision-making process across enterprise security and network teams.  In order to minimize systemic risk as traditional network perimeters vanish, organizations need to be able to gain complete visibility and understanding of their networks to effectively implement changes. This requires merging and analyzing data sets from complex layers of security, networking, and cloud technologies. To ensure policy changes are adequately analyzed and properly deployed without introducing new risks, organizations need prescriptive analytics to quickly map and remediate vulnerabilities while making rule changes that approve overall security. This is only possible through the unification of vulnerability and security policy management capabilities.

  • Why change?

Organizations that ‘do their part’ and take these steps to implement context-aware change management technologies and automated processes, will not only protect their employees, customers and stakeholders, but they will experience significant direct business benefits. By taking a context-aware change management approach, several of our customers reported that IT security teams improved change management efficiency by up to 80 percent with customized, automated workflows. Others were able to narrow their risk assessment window from days to minutes.

And these are just a few examples. Security teams that modernize their approach to change management will benefit in numerous ways including:

  • faster, better and more informed decisions
  • improved firewall performance
  • increased remediation effectiveness
  • reduced compliance risk
  • increased efficiencies across resources and technologies

 

Learn more about how you can #seearoundcorners and intelligently plan your response here

The Skybox Blog Team is a group of talented, security-conscious writers dedicated to bringing you insights into trending topics, IT security developments, and Skybox solutions. Though you can't see our faces, rest assured: we're all really, really good looking.

Read More

2020 Vulnerability and Threat Trends Mid-Year Update
Download
Skybox Vulnerability Control
Download
Risk Scoring
Read More