Ongoing business transformation has put IT teams under enormous pressure to continually expand and retool networks to keep up. This is especially true for cybersecurity devices, which have traditionally been deployed to monitor and secure largely static network environments. But now, because of the rapid and continuous pace of digital innovation, those security tools are struggling to keep up. The quick transition to a remote workforce, which essentially inverted the network by placing most workers outside the traditional security border, is just the latest example.
Now more than ever, it is essential that security tools no longer be deployed as separate elements of the network. And they don't need to be linked to network components, but networking and security elements need to be woven together into a single solution.
There have been four major catalysts for change driving the transformation of both networking and security. Each of these alone might be manageable. But when combined, they are overwhelming the capacity of IT staff as well as the networking and security solutions they have to work with:
To address the rapid rate at which these four trends have taken root inside organizations, many organizations have opted to treat each change as a distinct project. As a result, IT teams not only have to manage multiple, isolated environments, but siloed security solutions mean that they have also lost the critical advantage of universal visibility and control. Entire sections of the network cannot be seen or managed from a central console, which means that sophisticated threats can move into a network undetected and remain undetected for months. And according to the latest report from Ponemon, the global average total cost of a data breach in 2020 now stands at $3.86 million per event.
Cybercriminals have quickly adjusted their attack strategies to identify and capitalize on weak spots in these new networks. Gartner reports that the vast majority of public cloud breaches are the result of misconfigurations. And according to the latest Threat Landscape Report from FortiGuard Labs, during the first six months of 2020, cybercriminals retooled their attack strategies to target new remote workers and their home networks.
IPS sensors across the globe reported a shift in attacks targeting consumer-grade routers and home IoT devices, such as DVRs. Threat analysis indicates that attackers target older vulnerabilities – 65% are targeting vulnerabilities disclosed in 2018 and 25% from 2004 – because home networks are far more vulnerable and less likely to be patched. And older botnet malware, like Mirai (2016) and Gh0st (2014), has dominated threat charts for five of the last six months. And the recent 2020 Remote Workforce Cybersecurity Report shows that nearly two-thirds of surveyed enterprises saw an increase in attack attempts during the first six months of 2020, with 34% reporting a successful breach.
To defend against these trends, organizations need to take a more holistic approach to security. This ensures consistent visibility and control, so new threats can be quickly seen and eliminated. Cloud-based security not only needs to be uniformly applied across multi-cloud environments, but also tie back seamlessly to security deployed at the core, at the branch, and on remote devices.
Organizations should consider taking a secure access service edge (SASE) approach that includes secure SD-WAN to secure super users who need high-performance combined with deep security. These remote workers may include executives who manage and access sensitive corporate or financial information, help desk workers who need real-time access to labs and remote desktops to troubleshoot issues, and systems administrators who need to manage and control live networks.
In addition, there numerous technologies and considerations that enterprises should adopt to help them prioritize telework cybersecurity initiatives. Here are just a few.
Multifactor Authentication (MFA). Even with VPN in place, the risk to organizations due to stolen or weak passwords is high. In fact, accounts are more than 99.9% less likely to be compromised if a worker uses MFA.
Network Access Control (NAC). IT teams can’t secure what they can’t see. An advanced NAC solution can profile devices as they connect, control what devices are given access, and provide visibility across all connections to the network. It can also continuously monitor for new connections and changes in connection status and take automated action against suspicious events.
Endpoint Detection and Response (EDR). The devices used by remote workers must be secure without impacting productivity. This requires advanced, real-time threat detection and mitigation for endpoints. EDR proactively reduces the attack surface, prevents malware infection, detects and blocks malicious activities in real-time, and can automate response and remediation procedures.
Maintaining Business Continuity. To thrive, an organization with a remote workforce needs to ensure healthy levels of productivity and security. This requires securing endpoint devices and providing high-speed, reliable access to vital applications, whether in the core network or the cloud. Achieving this requires security and networking to function as a single system. It also ensures that the business is not impacted in the event of a cyber incident.
Reducing Security Complexity. A distributed network protected by isolated and inflexible security tools that can’t see or communicate with each other will inevitably experience security gaps and configuration issues. A fabric-based approach, where security controls are seamlessly integrated with consolidated management and orchestration, reduces the overhead associated with telework security deployment. It also enables automated responses for faster and more effective threat resolution.
The pace of today's digital business has required organizations to make rapid changes to their networking infrastructure. And not all of these changes were expected. The result has placed an excessive burden on IT teams and left organizations exposed to new risks as cyber attackers targeting their rapidly expanding attack surface. However, the knee-jerk reaction to pile on more security can make the problem worse. Organizations need to adopt a simple, more holistic strategy. When security and networking are integrated, dynamic environments and continuous change can occur without compromising security or reducing visibility, while enabling the security fabric to detect and respond to even the most sophisticated threats before they can accomplish their objectives.
Read more about how Fortinet customers are maintaining business continuity at scale with integrated and secure Fortinet Teleworker solutions.
Read more about the latest cybersecurity threat trends and the rapidly evolving threat landscape in our latest 2020 Threat Landscape Report.