By Brian Yelm, Managing Director at Cerberus Sentinel
The last two years seem to have thrown most organizations some cultural and IT management curve balls. From individuals learning to establish work-life balance while working from home, to businesses that have been forced to adopt remote working strategies that accommodate travel, relocation, or just at-home hours and access, there are new norms. Despite the fact that many organizations are pushing a return to the office, research indicates there may be some resistance to this from employees who much prefer life without a commute. Perhaps the most important lesson to come out of this cultural work shift is a challenge to the preconceived notion that one needs a fully operational, physical office in order to conduct business.
Where does this leave internal network security teams? Technology vendors were lining up in 2020, promising to have the next blinky box that would make everyone safe. However, if we have learned anything in the last two years, it is that cyber attacks happen whether you operate in a brick-and-mortar location, or some/all of your teams are remote, and whether or not you have that blinky box. As seen in the most recent HubSpot and WatchGuard compromises, even the blinky box can be compromised. As if there weren’t enough to worry about before, there are still new threat groups showing up on the scene all the time, like Lapsus$, and they’re wreaking havoc with targeted cyberattacks. The good news is, people seem to understand the threat landscape a little bit better.
Across industrial verticals, leaders in business and industry have revealed that the pandemic has brought about an acceleration of cultural awareness regarding cybersecurity. This accelerated progress is in many ways due to the increased number of workers shifting to a work-from-home (WFH) environment. The fact that more people work remotely or adopt a hybrid working approach means that businesses have an opportunity to cultivate a comprehensive cybersecurity culture to protect their workers and networks from a series of widening attack vectors. This is because the need for appropriate cybersecurity protocols has been properly emphasized after decades of relative neglect in favor of more material concerns, which now seem less important in the current working climate.
Protecting and Prioritizing the Network
This strange season seems to have hurtled many businesses into the 21st Century as, finally, more awareness is given to the critical need for network security, including endpoints. Endpoint security is now more essential than ever. In the past, cybersecurity has been notoriously difficult to quantify from a financial perspective, lacking a serious metric that can measure return on investment (ROI). However, for the most part, those days are behind us, as the culture is shifting to this new way of interacting, where companies rely on their networks even more – for connectivity, reliability, and security around-the-clock, anywhere in the world.
It is important to remember that cybersecurity is a culture, not a product. Part of this culture is the realization that business truly is dependent on smooth network operation, and that includes network monitoring. When you consider the importance of corporate networks, and the interconnectivity that they afford, you can see that losing control of your network to attackers will most certainly be the downfall of any organization that doesn’t seriously implement major mitigating controls that support this new connectivity, such as Zero Trust Networking, around-the-clock monitoring and response, and updated access control policies and procedures. Don’t let it be yours.
Network downtime causes lost business, and network shortages can result in your business shutting off entirely. Nothing spells downtime and shortage faster than ransomware. This further emphasizes just how critical protecting your network is: people and assets are important, but the network is essential. If you don’t have that, your people and assets can’t play their part – hence, you don’t have a company.
How Cultivating a Culture of Cybersecurity is the Key to Future Business
As a short-term solution for this issue, many enterprises have extended their network in non-traditional ways very quickly in order to address the need for flexible work capability for a large percentage of their workforce. While this may be a temporary solution, it is important to note there are clear security implications when you do anything quickly – especially when it comes to corporate network structure. Now is the time to go back and architect smarter, more secure solutions, perhaps speeding up digital transformation initiatives and having security engineers review them. So, if your company was one that deployed hasty network expansion in order to maintain security for employees working from home, your security team should now be constantly monitoring all IT assets and knee-deep in digital transformation to improve and upgrade in such a way that they can maintain security across all aspects.
Business leaders should ask themselves these simple questions: Did you play it correctly? Did someone oversee security at all stages of evolution? Have you brought in a third party to assure the security of networks after the fact? Have you shown due diligence to prove that your network is not only functional, but safe from all angles? Is any part of your environment currently being left out of security testing? (If so, you likely have problems that have not yet been addressed.) Once these questions have been adequately answered, you should add this into your classic IT disciplines of capacity planning, availability, vulnerability management and all other aspects on this side of the network divide.
Now we must start thinking about the other side of the network – disaster recovery and incident response planning. Availability management is often overlooked in a rush to get things up and running. No one puts the time into thinking about what happens if their primary business application gets overloaded or goes down. These networks don’t even have to go down entirely. Instead, they could be subjected to a distributed denial-of-service (DDoS) attack. All of a sudden, the platform that you depend on can no longer support your services and processes.
Do you have a comprehensive business continuity plan or network backups in place if something were to happen to your primary networks? Can your backups be accessed via the network? (If so, that makes them easy pickings for attackers.) Who will help you in the event of an attack? The truth that the network is the new heart of your business has serious connotations that many institutions have not yet begun to fully consider. As with all things cyber, it is important to identify and address gaps quickly, as cybercriminals are notoriously opportunistic and will seek any opportunity possible to come between you and your network.
These are all considerations that must be discussed and actioned as we embrace this brave new world of conducting business from our spare bedrooms. Establishing a comprehensive contingency plan that aims to minimize downtime is an important step when cultivating a culture of cyber-aware workers.