Cybersecurity attack surfaces are proliferating. Security teams must modernize to lower cyber risks.
More than three-quarters of organizations faced an increase in cybersecurity attacks in 2020. Organizations either involved the incident response (IR) team or had to report breaches to regulators in 80% of cases. These figures come from VMware’s latest Global Security Insights Report, based on a survey of more than 3,000 CIOs, CTOs, and CISOs.
The average data breach costs an estimated $4.2 million, and financial ramifications are not the only concern for executives.[i] As the report indicates, many organizations saw their reputation damaged in the wake of cybersecurity breaches. Other companies slowed their plans for innovation out of concern about additional attack vectors and increasingly sophisticated cyberattacks.
Since the beginning of the commercial use of the internet, technology leaders have engaged in an ever-expanding and increasingly complex effort to address the damage done by cyberattacks. While it might not be possible to totally prevent breaches, the Global Security Insights Report illustrates steps leaders can take to mitigate cyber risk.
Hybrid working models require increased visibility, new data breach precautions
Cybersecurity attack frequency rose in 2020 in part because so many organizations transformed to remote or hybrid working models. Each mobile device, computer, and third-party software instance offered hackers another attack vector to access sensitive information stored on a company’s core network.
Additional vectors in distributed locations created blind spots for CISOs and their teams.
Seventy-eight percent of information technology executives reported that the volume of attacks increased as a result of working from home. Along with third-party applications, ransomware and out-of-date security technology proved to be major security risks.
These attack vectors are less visible to security teams because they originate at individual endpoints rather than on the edges of a centralized network.
Given this new climate, it’s unsurprising that nearly two-thirds of executives agree they need better visibility over data and apps to prevent attacks. Improved visibility for the new hybrid working model is important, though 60% of executives stated they also need to view security entirely differently as a result of these new attack vectors.
Specter of security breaches holds back innovation
Developing modern apps and other innovations is crucial to accomplishing business goals. The environments today’s apps require have security teams rethinking their approaches to preventing breaches. Building new or leveraging third-party applications allows organizations to more easily offer exceptional customer and employee experiences. When these avenues of innovation double as cyber risks, that can make some teams apprehensive about developing and consuming apps or technologies.
Most survey respondents perceive this potential threat all too clearly.
Fifty-six percent agree security concerns are holding them back from embracing AI-based apps.
Some teams (15%) said that workloads were the most vulnerable breach point in their organization’s data journey, noting that 12 months ago that wasn’t the case.
Many security teams face a difficult reality. Apps and services are crucial to reaching employees and customers in a more distributed business environment. Yet, many of those apps, services, and remote network connections carry with them the specter of a cybersecurity breach.
Cyberattack mitigation must go beyond a traditional security solution
For various reasons, security teams have long recognized that traditional antivirus and malware solutions don’t quite meet the needs of today’s modern enterprise. These network security tools fall short because of expertise gaps between security and infrastructure teams. Security teams aren’t experts in production workloads (apps currently delivering information to end users), and infrastructure teams aren’t as adept at identifying the behavior of a malicious actor. The continued shift to hybrid- and multi-cloud environments will keep workloads a focal point of cybersecurity efforts.
If not with antivirus programs, then how can security teams mitigate cyber risk?
- Prioritize improving visibility. In a recent report, Forrester Research found that more than two-thirds of decision makers found it difficult to deploy new devices to end users during the pandemic. The mountain of devices, third-party apps and vendors, and home network connections to business networks introduces a variety of blind spots for security teams. To secure modern remote work environments against security threats, teams must prioritize improving visibility into all endpoints and workloads.
- Respond to ransomware resurgence. Ransomware is one of the leading causes of security breaches. Ransomware attack groups exploit the poor visibility of security teams, frequently gaining access to networks and exfiltrating sensitive data. Organizations must combine ransomware protection with post-attack remediation efforts.
- Address legacy technology and process weaknesses. Traditional antivirus programs often struggle to protect a network with many distributed endpoints. Out-of-date processes can also expose organizations to attack risk. As a result, more than six in 10 respondents agree they need to view security differently given that the attack surface has expanded. Security leaders must help their teams identify which processes and technologies require an update or change in order to support remote workers and reduce risk.
- Deliver security as a service. If the Colonial Pipeline attack is any indication, cyber criminals will target critical infrastructure when possible. As organizations modernize, they’ll likely allow third parties to manage, own, or control more of their infrastructure in some capacity. Infrastructure-as-a-Service architectures require Security-as-a-Service defenses. Organizations must distribute cybersecurity safeguards to network endpoints to protect assets no matter where or in what environment they exist.
- Build cloud-first security into applications. In the privacy world, Privacy by Design (PbD) principles show companies how to build proactive privacy safeguards into their apps and services from the ground up. Security practitioners must take a similar approach, building preventive measures to deter cybercrime into apps and services from inception. Especially in managed environments, teams must prioritize securing cloud workloads.
To narrow attack surfaces in modern environments, security teams must modernize
Cloud infrastructures and operating models enable organizations to adapt to sudden changes, such as hybrid working. Modern architectures make it easier to reach customers and employees, even when they’re thousands of miles away, because the cloud offers a personalized connection to each end user. Yet each new connection to the company’s network represents a potential cybersecurity attack vector. Just as technology leaders have transformed infrastructures and application delivery pipelines, so, too, must security leaders transform risk-mitigation tactics.
The CISO Security Threat Landscape report illuminates how attackers might leverage new, distributed network connections and what security leaders can do to help prevent cybersecurity attacks. For more detail about the current threat landscape and security solutions to lower cyber risk, download the report today.