The New Rules: IT Leaders Work to Regain Control of Their New Distributed Environment–Part II

In part II of this series, we explore the threats faced by organizations in a distributed workforce and how to regain control and visibility of their remote endpoints.

new rules ii
Tanium

Everything has changed.

COVID-19 and the resulting WFH mandate has forced nearly every organization to rapidly spin up a primarily distributed workforce and operational environment.

And as we explored in Part I of this series, this transition has left organizations poorly defended against a wealth of new threats.

In Part II, we will explore what those threats are, what the consequences of suffering one of those threats might be, and how organizations can regain visibility and control over their new environments.

The Big Threats Faced by Today’s Organizations

There’s this perception in the press that most hacks are done by nation states on shiny zero-day vulnerabilities,” explained Scott Lowe, Managing Director at EndpointX. “But the reality is, most hacks happen because a server hasn’t been managed or patched, or there is a vulnerability on a browser. It is normally the most fundamental IT hygiene issues.”

During the pandemic, Lowe worked primarily with financial services organizations as they moved over 90% of their employees to WFH environments. Some of his clients sent their teams home with just two hours notice, and many of them lost critical layers of visibility and control over their devices in the process.

“One of the problems with IT operations and security tooling is, they were designed in a world where people sometimes worked from home,” said Lowe. “We’ve had a period of 12-16 weeks where these tools have not come back into the office, and some of these tools are just not designed to be able to patch them or scan them for vulnerabilities. And it only takes one server or workstation that isn’t patched for a malicious actor to get access to, and move laterally across, the network.”

The data from When the World Stayed Home suggest malicious actors were aware of these vulnerabilities, and pounced on the opportunity to take advantage of them.

Within the report’s findings, 90% of IT leaders said they experienced an increase in reported attacks during the first months of the pandemic. On average, they experienced 30% more attacks than usual.

The most common attacks they suffered included:

  • 38% experienced Data Exposure
  • 37% experienced Business Email or Transaction Fraud
  • 35% experienced Phishing Attacks

The consequences of suffering even one successful attack can be dire.

“In the best case, an organization simply finds out that they had some data stolen,” explained Charles Ross, Chief Customer Officer at Tanium. “In the worst case, they find out—too late—that their entire business has been compromised by someone with an ulterior motive.”

According to Ross, this loss of control can be total.

“If someone has taken your technology, they have taken your company along with it,” Ross elaborated. “You try to log in, and find out that they are not your computers anymore, and there’s no way to recover them unless you pay a ransom by a certain date. This has happened with some smaller companies, and it could happen with a larger company—names you never thought could suffer such a thing are completely susceptible at this point.”

Organizations appear to be waking to these threats, and are now hurrying to regain visibility and control over their environments.

How Organizations are Regaining Visibility and Control

97% of cyber security incidents are simply avoidable,” explained Robin Vann, Chief Solution Officer and CTO at the cybersecurity firm RelianceACSN. “What really scares me is that people abandon the basics and try to do the really advanced, clever stuff without ever thinking about the fact that their doors are wide open. But doing the basics well is the best form of defense—patching, antivirus, and the like.”

Organizations appear to have learned this lesson during the pandemic.

According to When the World Stayed Home, 96% of organizations are making strategic investments to reduce their risk, and these investments are centered around the fundamentals of effective endpoint management and security.

Among those IT leaders surveyed:

  • 48% are investing in endpoint management to increase visibility of IT assets
  • 47% are improving their patch management processes.
  • 45% are decentralizing IT by adopting more Cloud computing.
  • 38% are reducing their reliance on VPNs by implementing zero trust models.

For many of the experts we surveyed, now is the right time to revisit these conversations, and to return visibility and control to the endpoint environment. And often, the ability to bring effective endpoint management and security comes down to acquiring the right tooling— even in today’s resource-constrained environment.

“Given the budget challenges that companies do face, there is a challenge around siloed endpoint products that don’t talk together very well, and all have license fees that are all independent of each other,” said Lowe. “What people are trying to do is find tooling they can consolidate on, and put all of their capabilities on one platform that is more financially beneficial for them, instead of choosing independent products across the board.”

Ross elaborates on how to make decisions about which tools to consolidate on.

“Take a step back. Take a hard look at the investments you’ve made. And make decisions around, ‘Are those giving me the value that I need to operate as an organization going forward?” recommends Ross. “Any tool that is not providing value now is unlikely to do so in the future, and now is the time to rationalize your environment.”

Finally, while this remains a challenging environment for all organizations, Vann believes it is still the right time to make hard decisions about endpoint management and security investments

“The cost of response is higher than the cost of prevention,” concludes Vann. “Even without fines and reputational damage, you will pay three times as much for an incident response than to prepare properly to operate securely.”

To learn more about what happened when the world stayed home and watch more perspectives from leaders like Charles Ross, Scott Lowe and Robin Vann, visit world-at-home.tanium.com.

Copyright © 2020 IDG Communications, Inc.