Three keys to overcoming hybrid work cybersecurity risks
By Alastair Williams, Director, Solutions Engineering EMEA, Skybox Security
Global banks are announcing plans for hybrid working models, embracing changes forced by the last year. Workers are returning to offices as regional pandemic-related restrictions lift, with leading financial organisations such as Lloyds, J.P. Morgan, HSBC, and Goldman Sachs announcing they will continue to permit remote work post-pandemic.
Embracing hybrid work means security strategies must also evolve. The flexibility offered by remote work policies seems to satisfy employees and offer productivity benefits. Inadvertently, hybrid workers also create new security weaknesses. According to research from Skybox Security, even before banks committed to hybrid work as a permanent fixture, 68% of banking and financial executives were concerned their distributed workforce introduced new vulnerabilities.
Despite over a year of remote working and well-publicised surges in security breaches, a worrying 42% of UK financial services and law firms still say their cyber threat visibility and detection systems are inadequately equipped to manage remote employees. Legacy technology and broken processes have been identified as key security posture management issues.
Prevent risky business
Cybersecurity teams weren’t that surprised by the challenges introduced during the rush to adopt remote work models. Security weaknesses existed before the pandemic, but many organisations were ignoring the canaries in their coal mines.
Now, financial entities simply cannot afford to deprioritise security. The attack surface has become too large to patrol using the classic and outdated “detect-and-respond” strategy to cybersecurity. At the same time, a deepening skills crisis means that financial organisations most likely lack enough human resources to properly secure the quickly evolving threat landscape.
Leaders must prepare for the industry’s next normal. Change has become imperative between upticks in cloud services, threats, and pressures to avoid both regulatory fines and mass customer data compromises. Only a shift in how organisations manage their attack surface will keep them from becoming honeypots for cybercriminals, who are increasingly leveraging sophisticated, multi-stage attacks to hold organisations to ransom.
Embrace change now to achieve business resiliency
Preparing for the unexpected is easier said than done. Here are three key strategies to illuminate a new path forward for proactive security posture management:
- Achieve comprehensive visibility by building a hybrid network model. Fully modelling the enterprise environment identifies security weaknesses before they attract threat actors. A complete and detailed picture of the attack surface empowers security teams to seek out exposed vulnerabilities in highly complex environments (rather than responding to breaches after the fact). There is clearly a lot of work to be done here: Research revealed that only 11% of organisations could confidently maintain a holistic view of their attack surface.
- Remediate vulnerabilities exploited in the wild based on exposure, not theoretical guesswork. Banks can adopt emerging capabilities to discover all vulnerabilities across disparate environments. This data then enables security teams to focus remediation on the most critical exposed risks that are exploited in the wild – instead of targeting abstract “high-severity” threats that may not actually be a risk because adequate security controls are already in place.
- Advance beyond point solutions to modern, scalable solutions. The explosion of cloud computing has dissolved traditional walls between networks and made the cybersecurity ecosystem vastly more complex. As a result, many major banks today utilize upwards of 100 unique security tools. To overcome this increasing complexity, financial organisations must start adopting vendor-agnostic solutions that can freely exchange data across IT, hybrid cloud, and critical infrastructure. What’s needed is an open ecosystem that enables security teams to maximize the tools they already have in place.
Despite the pandemic and its economic impacts, most banks and other financial organisations have committed to increasing cybersecurity budgets year-over-year. Historically, security weaknesses have been addressed reactively. Instead of spending expanded budgets on detection-focused threat hunting tools, leaders must adopt proactive strategies to manage new risks and avoid adding more point solutions to their already complex security stacks.
The financial sector is expected to face a continuous increase in new vulnerabilities, so now is the time to overcome the industry’s most enduring cybersecurity challenges. With a proactive security posture management strategy in place, financial organisations will ultimately increase the real-world business value of their cybersecurity budgets.
Alastair Williams is director of solutions engineering for the EMEA region at Skybox Security. Fortune 1000 companies and many of the largest banks in the world turn to Skybox to proactively secure their complex hybrid environments and reduce exposure to cyberattacks.