Help AG looks at the challenges for organisations looking to secure their perimeter
The global shift to remote work due to the pandemic will not be a short-term phenomenon; it will continue in a significant capacity, outlasting the pandemic, as it has been proven that we can successfully work from home without affecting business productivity. This paradigm shift has led to security concerns for organisations. As more and more employees work from beyond the perimeters of the office, the attack surface of companies continues to expand, and remote assets are becoming more challenging to manage. How can organisations remain secure in an increasingly perimeter-less world?
To answer this question, Help AG brought together cybersecurity experts from some of the most innovative vendors in the industry. At the first Security Spotlight Forum for 2021, the experts shed light on the different methods and technologies organisations can utilise to secure their endpoints and networks as the perimeter becomes blurrier. Two overarching themes emerged during the forum: the importance of making Zero Trust and Secure Access Service Edge (SASE) integral to the organisation’s cybersecurity strategy and upgrading visibility into networks and endpoints with advanced threat intelligence powered by artificial intelligence and machine learning.
Nicolai Solling, Chief Technology Officer at Help AG, said at the forum that the prevalence of distributed workforces means that an organisation’s perimeter infrastructure must cover not only the headquarters but also branch offices, remote users, mobile devices, services and apps in the cloud, and any other assets that exist beyond the traditional data center. The castle-and-moat approach is no longer sufficient, and organisations need to embrace Zero Trust and security at the edge to stay protected.
Zero Trust Network Access (ZTNA) augments traditional VPN technologies for application access, and removes the excessive trust once required to allow employees and partners to connect and collaborate securely. Moath Alrawashdeh, Systems Engineer at Fortinet Middle East, elaborated on the importance of deploying security-driven networking by dropping legacy wide area network (WAN) infrastructure for self-healing SD-WAN, explaining that secure SD-WAN provides flexible security, improved user experience, and simplified WAN operations.
Secure Access Service Edge (SASE) is another piece of the cybersecurity puzzle in this perimeter-less era. SASE is an emerging framework for the convergence of networking and network security services within a global cloud-based platform. Its benefits include, but are not limited to, zero trust network access, data and threat protection, better performance with reduced complexity, cost efficiency, and improved flexibility.
Visibility is also key to securing an organisation’s many endpoints and networks, according to Roland Daccache, Sales Engineering Manager – MEA at CrowdStrike. He explained that because cyberattacks have become much more sophisticated, modern solutions need to combine threat intelligence and telemetry to prevent them from recurring. To drill down on the activities of malicious actors, you need to cross-check the metadata from your network against high-fidelity intelligence feeds and capabilities to recognise unusual behavior.
According to Rabih Itani, Country Manager, UAE at Vectra, artificial intelligence can be used to drastically improve visibility and prevent threats from turning into breaches. AI-driven network detection and response (NDR) can increase the visibility of actual threats by 197%, reduce alerts by 85%, and reduce mean time to remediation (MTTR) from 60 days to only 4 hours, making it a crucial component.
Jamie Collier, Cyber Threat Intelligence Consultant at FireEye Mandiant, emphasised the importance of leveraging intelligence-led security across a security function, as it can significantly enhance decision-making around areas such as cyber risk, threat hunting, and vulnerability management. He also explained how an intelligence-driven cyber risk assessment can make a prominent difference by focusing detection and response efforts and prioritising resources for “real” versus “perceived” threats, thereby ensuring efficacy and optimising security.
Anderson Pereira, Channel Solutions Engineer EMEA at Keysight Technologies, called for optimising the organisation’s network for an increasingly mobile workforce through the implementation of an active performance monitoring strategy that helps minimise downtime, troubleshoot outages faster, and improve security.
It is not too late for organisations to start adopting new approaches to cybersecurity that would make them well-equipped with the proper security tools and defenses to tackle all the challenges accompanying the new normal. The perimeter-less era is here to stay, and businesses should become proactive in securing their greatest assets – users and data.