Cyber security in a hybrid workplace world
When an organisation’s network perimeters shift, how difficult is it to combat malicious threats and remove the architecture vulnerabilities that often sit with the end-user? Remote workforce transformation relies on a digital ecosystem, which means increased security vulnerabilities and new solution sets.
Even before the coronavirus turned the world upside down, the security landscape was shifting. COVID-19 expedited digital transformation globally, altering the way organisations behave for both companies and cyber criminals.
“The company's traditional network parameter basically disappeared,” explains Ali Sleiman, Infoblox’s technical director for MEA. “There used to be a clearly defined parameter and security strategy for companies… but the pandemic and the evolution of technology brought changes to the strategy. This forced companies to build and use a new hybrid workforce, a remote workforce.”
Changes in customer behaviour and the distribution of architecture have increased the attack surface for organisations. The result of all of these changes is a bigger threat emerging – cyber criminals are now finding a wider attack surface to target and exploit organisations. According to Jesper Anderson, Infoblox’s CEO and president, threat actors sent over 60% of malware through cloud applications to target remote workers last year.
“In such an environment where you have changed not only in the architecture but also how your workforce has to operate, you have to adjust your cyber security strategy. If your cyber security strategy is not rolled out from day one because of these changes, companies and their employees will be at serious cyber security risk,” adds Sleiman.
Companies using cloud providers, for example, now need to worry about data breaches caused by unauthorised access levels of the network resources and devices. Software developers who previously didn’t prioritise security while building applications, and those working from remote locations without addressing security and management, can leave end-users vulnerable.
“Cyber criminals can disrupt and intercept communication running between the user and the organisation. This is why these challenges, in a hybrid workplace, are so critical, security-wise,” says Sleiman. “How do you enable employees in a hybrid environment?”
According to Sleiman, the answer lies in enabling your workforce – whether working in the cloud or on-premises – with different types of security skillsets and increasing their awareness of the vulnerabilities that these changes have brought into the organisation.
“Today's security decision-makers need to understand the impact of the trending, core technologies that we hear about all the time – SDN, DNS, multicloud environments, etc, to be able to assess the environment and deployment risk and respond with the right security model,” explains Sleiman.
Putting in place the right security tools to fit the specific needs of a specific environment for an organisation is key, more so when remote workers and end-users are active on a variety of devices. Remote workers are not only using their home networks, but also public places to utilise WiFi, which brings a high probability of risk.
“Leveraging core technologies like DNS network security can play a critical role in preventing vulnerabilities and attacks like lookalike domains. DNS is also being used as a data exfiltration tool by cyber criminals to exfiltrate data from organisations. Without those types of security controls like custom lookalike domains and monitoring such risks, remote workers will be more easily targeted,” he adds.
Character substitution, for example, is a technique employed by cyber criminals to expose sensitive data such as credit card numbers and passwords. The right security tools can prevent exploits which cost organisations millions of dollars in debt and data. The hybrid workplace world has created the perfect storm for hackers where more security breaches are insider threats than externally initiated hacks.
“End-users will always have the primary responsibility to have the awareness of what could be a threat, provided that they were given the proper training and clear policy rules. However, cyber criminals today are getting very sophisticated, and they find ways to manipulate and penetrate to create those types of vulnerabilities for end-users,” says Sleiman.
To mitigate cyber security risk, Sleiman believes companies today have a significant responsibility to have a structured policy in place that end-users need to adhere to and implement in order to address the right security gaps. Cyber security can no longer be a tech or IT problem; it needs to be both an organisational and operational priority.
“You can no longer think of networking separately from security… any organisation that still thinks that IT is different from security in today's world is basically setting themselves up for failure in terms of securing their environments or securing their end-users,” explains Sleiman. “The definition of an end-user today is different from an end-user a year or two ago, regardless where they’re operating from. Getting the right security measures in place is important to protect personal and organisation data and block any malicious activities.”