Cybersecurity 2020: Developing Digital Trust
Several weeks after the celebration of the event organized by IDG Research in which Softeng participated and in which the main cybersecurity trends during the crisis caused by COVID19 were explored and analyzed, the implications of teleworking and the preparation for the new normal. The company has prepared a report that includes the main topics that were discussed both in the proposals of the technology providers that participated and in the practical cases of companies that shared their experience and learning.
Strategy gains priority over operations
IDG points out that the health crisis has had a short-term impact on the operations of the security departments, which have needed to quickly implement new solutions while attending to the different incidents. However, once this stage has passed, companies have begun to wonder what the new normal will be like and consider how to redefine their security strategy.
In all cases, the return to normality has generated changes in the organizational model, even transforming the business model. Organizations have realized that the change is irreversible: the work environment is going to be a hybrid between face-to-face and remote activity . On the other hand, digital channels are going to be consolidated in all businesses. All this changes the risk map of organizations and with it the security strategy.
During the event, the areas of greatest impact were discussed, focusing on three main points:
Employees are the starting point since they have been accessing the company remotely from their homes. In this sense, companies have faced several challenges:
- Employee in a different environment than usual: In many cases, employees have had to work with personal devices and in an environment very different from the one they have in the office, reconciling work and family activity at the same time. All of this has led to a drop in security practices that were routinely followed, making them vulnerable to human error, phishing or social engineering attacks.
- Undefined work profile: Many companies did not have telework defined within the user profiles and although mobility was defined, it was not defined to have access to all the applications used in the company.
- Disruption on the perimeter: As a rule, the perimeter approach was based on the fact that employees worked within the corporate environment, except for those who worked in mobility as an exception.
- Loss of control over data: The risks of teleworking not only affect the device but also the data that the user manages, downloads and stores.
To overcome these challenges, these solutions were discussed during the conference:
- Employee awareness: Through training sessions and knowledge of company protocols and policies.
- Review accesses and privileges: To have visibility at all times to detect inappropriate or suspicious access and maintain control of compliance.
- Review the traditional concept of perimeter: To consider alternatives that incorporate Zero Trust principles.
- Protect data: Adding encryption and maintaining a more robust governance of data.
Protection of hybrid environments
During the crisis, many companies have accelerated the adoption of the Cloud, having to deal with hybrid environments in an unplanned way. The challenges that companies have faced in this regard are:
- Manage access: At this point the challenge is twofold, on the one hand, it is necessary to protect the user's access to multiple services without impacting their experience. On the other hand, if there is no robust privilege policy, there may be improperly defined permissions (eg problem in the configurations) and open security breaches. This is compounded in the case of external collaborators.
- Control the Shadow IT: Remote work has increased the propensity to use resources without the supervision of the security area that escape from corporate security policies.
- Change in traffic patterns: There has been a change in the pattern of information traffic between the user and the different environments they access. In particular, the upload has multiplied, generating vulnerabilities.
To overcome these challenges, the solution offered during the conference was:
- Reinforce access and identities: Through double authentication systems or biometric measures.
- Integrate management: Lean on tools that allow an integrated perspective of all environments to carry out centralized management.
- Analyze traffic: Detect anomalous and subtle behaviors and connections, which go unnoticed by standard security tools, and which are related to complex, uncategorized attacks (eg new attack typologies).
- Compliance control: Implement the necessary security tools to ensure regulatory compliance.
Companies have had to quickly migrate to digital channels to stay active. This has led to the following challenges:
- Urgency in the implementation of digital tools. Companies have been quick to search for solutions in the market. If you do not have the security area, a Shadow IT can be introduced that opens multiple vulnerabilities.
- Tensioning of applications. The pattern of use of applications has changed multiplying their use remotely and from new devices. However, many applications were not ready for these new patterns, impacting their security, performance or user experience.
- Increased risk: Companies have inevitably assumed greater risk to ensure the continuity of their activity. However, if they do not have visibility into this risk, they will not be able to manage it properly.
To overcome these challenges, the solutions offered during the conference were:
- Test and validate new tools. To equip employees with the necessary tools to be able to telecommute and prevent employees from looking for their own alternatives (Shadow IT)
- Strengthen applications: Applications that have not been designed to be used over the Internet or in a massive way need a revision so that they can accommodate new usage patterns.
- Measure risk and safety position. Through tools that allow knowing the security position.
Softeng's participation in the conference
Our CEO, Carlos Colell, participated with a presentation called "How to protect our companies in the new era of teleworking" in which he began by explaining the current scenario in which companies find themselves and how the rush towards teleworking has shown that companies were not prepared to adopt the necessary security measures.
Carlos then explained about the most common security mistakes in companies, among which is having a security strategy based on passwords; emphasizing that companies must understand that the passwords of some user will be exposed for sure, sooner or later and therefore new measures must be taken such as, for example, the double authentication factor. Likewise, another of the common mistakes is having several security solutions from different manufacturers that results in a lack of communication between products, requires more dedication and causes a longer reaction time.
Finally, he spoke about the strategy to improve security and concrete recommendations to overcome the most common challenges and protect companies in this new normal.
As a conclusion to everything that was exposed in this conference, we can highlight that teleworking has come to stay and for that reason, the concept of cybersecurity has completely changed to adapt to a new paradigm of massive teleworking and an exponential growth of cyber attacks that They try to take advantage of this new situation.