4 Factors That Should Be Part of Your Cybersecurity Strategy

A recent report highlights the need for increased cyber vigilance and offers best practices for enterprise security.

4 post pandemic cybersecurity trends
NetScout

During the past year, IT and network professionals at nearly every enterprise were forced into action as remote work became the norm following the arrival of the COVID-19 pandemic. This has resulted in large-scale change for remote-access architectures, as well as for cloud and cloud-delivered services. In many cases, there has been an increased adoption of software-as-a-service (SaaS) models.

Of course, with these significant changes have come heightened cybersecurity risks. Cyberattackers are taking advantage of shifts in business connectivity, finding new ways to exploit security vulnerabilities.

This evolving threat environment has made it necessary to increase vigilance related to cybersecurity. The recently published white paper “Cyber Security After the Pandemic,” from HardenStance, outlines four important trends.

  1. Security must be part of your corporate culture.

Security and business continuity planning should be ingrained in every enterprise’s corporate culture. This planning should include a cyberattack response plan and other “war-gaming” activities. In addition to creating a rapid response plan, it is advisable to conduct extensive employee training to stand as a line of defense against cyberattacks. Good cybersecurity practices must be reinforced across all functions of every organization. Leadership should set an example, demonstrating a commitment to security that sets the tone for the business.

For some organizations, the chief information security officer (CISO) is increasingly taking on an elevated role. In some cases, the CISO’s role is now on a par with that of the CIO. Consistent with that shift, the role has become more proactive and more tightly coupled with Business Continuity Planning (BCP). In some companies, the role could become merged with CIO, BCP and other positions into a unified function of digital process officer or cloud technology officer tasked with greater accountability across the business.

Another important cybersecurity best practice is threat intelligence sharing. Organizations can learn a lot by engaging in sharing within peer industries.

  1. Security at the edge is increasingly important.

As work has largely shifted to a remote model, many enterprises have come to rely on VPN architectures for connectivity to vital systems and applications. However, the security governing these VPNs may not be sufficient. This has led organizations to substitute their VPN with SD-WAN.

Over the past few years, many SD-WAN vendors have integrated security controls into their portfolios. In addition, emerging secure access service edge (SASE) solutions are unifying network and network security into a single cloud service that provides much-needed connectivity and device security at the edge.

  1. Segmentation and microsegmentation requirements are emerging.

The HardenStance white paper predicts that in the near future, more-integrated approaches to addressing segmentation of home networks will become prevalent. The paper also anticipates “accelerated investment in vendor roadmaps to meet the segmentation and microsegmentation requirements of all legitimate stakeholders in the data and applications that run on personal devices.”

  1. There’s a continuing need to combat ransomware attacks.

As ransomware attacks continue to target enterprises, several industry initiatives are underway to combat this scourge. Security vendors, industry associations, business organizations, and governments are increasingly working together to put measures in place to curtail ransomware attacks.

One such measure under consideration is extending Know Your Customer (KYC) transparency rules in financial transactions to include cryptocurrency transactions. These forms of payment are the primary choice of ransomware attackers because they are untraceable, so new KYC rules may act as a powerful impediment. Enterprises should strongly support efforts such as these.

For more information, download the white paper “Cyber Security After the Pandemic.”

Related:

Copyright © 2021 IDG Communications, Inc.