As the epidemic progresses, it’s understandable that security and networking specialists would need to consider the ramifications of the significant changes that occurred abruptly as a result of global lockdowns. However, we must equally acknowledge that the moment has passed and that there is no going back now.
I have the impression that some companies are squandering significant time and resources in an attempt to get the toothpaste back into the tube. The pandemic caused networks to explode in every conceivable way (size, scale, and especially points of access) as work-from-home morphed into work-from-anywhere and IT and security teams scrambled to keep employees connected and businesses viable.
Data centres are being pushed to their limits, and new hybrid environments are emerging, with certain data and applications remaining on-premises and some migrating to the cloud. However, rather than focusing on the new security implications of these developments, some people are looking for a way to re-create the network conditions and information security postures of a pre-pandemic world that is history, no matter how recent.
A Bigger Picture
We describe the results of this method in our company’s most recent threat report, and they aren’t good: Ransomware attacks have increased by 1,100 percent, owing to an emboldened and highly successful cybercriminal ecosystem that has been glad to shift its focus from enterprise security defences to home networks and consumer-grade security. The number of botnet attacks has risen from 35% to 51%. Ransomware-as-a-service, in which you can buy an attack online, has increased in popularity, bringing with it more sophisticated and disruptive attacks.
Even more concerning, hackers are now targeting operational technology, such as the Colonial Pipeline, which supplies about half of the East Coast’s gasoline, or JBS Foods, the world’s largest beef supplier. There will undoubtedly be more to come.
But this isn’t just about creating headlines. The bulk of networking and security specialists are well aware of the situation. A staggering 67 percent of businesses say they’ve been the subject of a ransomware attack. Half of them had been attacked multiple times, some even three or four times. Ninety-four percent of organisations say they’re worried that they will be attacked by ransomware, with 76 percent saying they’re “extremely worried.”
However, few of the firms that are concerned, even highly concerned, are putting in place the tools, techniques, and procedures required to safeguard today’s increasingly complex hybrid networks. Only 72 percent of businesses claim they’ve created a ransomware strategy, with about half of those saying they’ll “pay the ransom.” (At the moment, networks are so convoluted and ad hoc that even responding to an assault is challenging. According to a recent IBM survey, each firm has an average of 45 security devices.)
I wish it were self-evident, but many businesses must realise that worrying is ineffective as a security approach. Cybercrime is a business, and it is unrelenting in its pursuit of profit. When business is growing, it surely doesn’t stop. And cybercrime profits have never been higher. In the first half of 2021, the US Treasury’s Financial Crimes Enforcement Network (FinCEN) reported approximately $600 million in ransomware payouts, putting us on course to surpass the cumulative payouts of the preceding decade.
Taking a Different Approach
Changes in the threat landscape, as well as the enormous complexity of today’s networks, necessitate fast action. Within that requirement lies a significant opportunity to design a security plan for the swiftly approaching future, not the rapidly receding past. However, the process begins with a shift of viewpoint. Although there is no one-size-fits-all approach to security, several relevant considerations might assist in prioritising future steps.
To begin with, a large part of the problem is that we view security as a reactive, defensive strategy. That view not only entails expecting the worst and hoping for the best, but also decouples security from its crucial role in all business strategies. When we find firms overly focused on things like greater offline backups and ransomware insurance, it’s a sign that something is wrong. Both are useful tools, but neither improves network security.
Furthermore, investments that make the network and its security inextricably linked, treating networking and security as one and the same, are far wiser. While most businesses have probably purchased ransomware insurance, far fewer are investing in the increasingly mission-critical technologies that can actually protect against the threat vectors being targeted, such as secure email gateways, network segmentation, entity behavioural analytics, SD-WAN, and sandboxing, all of which create and strengthen network protection.
Simultaneously, there are more and more options to go on the offensive. Deception technology can secretly trap cyber attackers and offer vital information on your own network dangers as well as the opponents themselves, allowing you to improve your security posture. Fortunately, because networks today contain new access points, such as home offices, improved endpoint detection and response (EDR) technologies can detect and prevent assaults before the network is compromised at critical points of exposure. And, unlike a regular VPN, zero-trust network access (ZTNA) can safeguard remote workers accessing resources in the data centre or cloud.
We now have the tools and technologies we need to safeguard today’s hyperconnected and scattered networks. And defending them is not only necessary, but also doable. We have to start right now. However, hurling boxes at the problem isn’t a viable answer.
Defending them, however, necessitates a shift in mindset about what security is and how it should function in the future. Now is the time for businesses to make a clear strategic decision. Simply put, they may either proactively defend their networks or wait to be a victim, as they have in the past. There appears to be no other option as networks and the threat landscape continue to grow.
Source: fortigate firewall