Cloud platforms and increased adoption of multifactor authentication (MFA) have become the foundations of a massive shift towards digital technologies to support remote working. According to a study by McKinsey & Company, the recent pandemic crisis accelerated the digital transformation of business and society to such a degree that the global acceleration rate is estimated to be three years.
Today's threat landscape is no different from last year; the increased sophistication of adversaries has promised that 2022 will be an equally challenging year. Chief information security officers (CISOs) are compelled to address the expanding risk environment, but in doing so, they have to consider the following five challenges.
First, businesses will continue to support remote working for the foreseeable future, and Gartner estimates that by 2024 remote workers will account for 60 per cent of the workforce. Hybrid working environments create additional security and privacy risks, and CISOs need to establish appropriate controls to protect their remote employees.
Dispersed users and diverse employee profiles increase the threats against all employees. Insufficient identity and access management (IAM) controls leave all users open to credential attacks. Attackers are not targeting only privileged accounts, but every user is a potential target because their credentials and personal data are valuable for cybercriminals. The Verizon Data Breach Investigations Report 2021 shows that compromised or stolen credentials are the top vector for 61 per cent of data breaches.
Second, we have witnessed the most significant data movement outside of business premises over the past two years. Organisations are deploying multiple cloud platforms, and the Thales Data Threat Report 2021 indicates that more than 50 per cent of corporate data is now stored and processed in the cloud. This data needs to be protected to prevent breaches that harm reputation and trust and ensure compliance with an increasing framework of privacy and security regulations and laws.
Therefore, it is essential to have clear visibility of your data and classify sensitive information. Following a risk-based approach to data protection, CISOs need to establish appropriate and granular access controls with MFA to ensure that corporate data, whether on-premises or in the cloud, afford the same level of protection against advanced and skilled criminals.
'Zero trust' security, coined over a decade ago, is more critical than ever. Facilitated by robust IAM, a zero trust approach to security is the only way CISOs can instil confidence in an untrusted environment.
Alex Creswell, chief executive and chairman of Thales UK, says: “Along with having their employees work from home, more companies are in the cloud, leaving many exposed to new threats that go beyond their security strategies. Zero trust maintains a high level of security remotely, without a physical location to authenticate access. It is not a specific technology; rather, it’s a strategy with strict and continuous identity verification and control of data in the cloud to minimise trust zones.”
However, implementing zero trust presents certain risks, as the controls selected to deploy the strategy should not create friction or harm user experience and productivity. Zero trust should be the enabler of innovation by securing digital-first initiatives.
Automation is another key challenge. Automation is what makes a holistic approach to cybersecurity effective and efficient. Just like automation on factory floors enables improved productivity, automation in cybersecurity streamlines incident detection and response. Automation, achieved through artificial intelligence and machine learning, is essential for two key reasons: decreasing the time to respond to an incident and removing the burden from often understaffed security operation centre (SOC) teams.
The Verizon Data Breach Investigations Reports have demonstrated that time is crucial for minimising the impact of security incidents. While data breaches seem inevitable, our detection and response capabilities can certainly improve if we invest in security automation tools. These tools will immediately identify impending threats to our posture and give security teams the advantage of launching the appropriate mitigation tactics to contain the attack.
Integration between identity and access management services and security automation tools can provide intelligence about potential vulnerabilities and let SOC teams focus on the most important threats that require human intervention. In a security environment of expanded threat surface and increased volume of attacks, being able to alleviate the burden from your security teams adds to your posture and helps ensure uneventful cloud operations.
Mental health has become a growing concern among all organisations, especially in the last two years. Closely related to the Great Resignation (or the Great Rehiring), mental health and staff burnout are pressing topics that need to be addressed sooner than later. The best way to do that is to empower employees through upskilling and by providing flexibility in work environments.
With people being the most essential part of the cybersecurity chain, it is important to support them with appropriate processes and provide technology to remove any friction. For example, eliminating insecure passwords and deploying modern access controls through flexible MFA will help employees be able to work more flexibly and have more control over their time. At the same time, businesses should invest in educating them to spot phishing and social engineering attacks that seek to break access controls and compromise credentials.
The adoption of cloud services and MFA is making the world more secure. However, evolving needs around cloud applications and mobile devices, combined with rising threats and the need to reduce costs, require entirely new considerations for access control. The recent executive order on strengthening the cybersecurity posture of federal agencies in the USA underlines the necessity for protecting the access to national critical infrastructure and data.
IAM solutions provide a framework for granting and requesting access to applications, enforcing access controls and ensuring visibility into access events. A good option will allow organisations to expand modern authentication to a broader set of users and services. By offering broad authentication capabilities, this option should ensure that users and consultants can securely log into any application or service on any device, from anywhere.
Danna Bethlehem Coronel is director of product marketing, identity and access management at Thales