The 2020 pandemic exposed gaps in network security postures that no one could have foreseen. Unsecured home networks, use of BYOD (bring-your-own-device) and siloed operations made previously visible threats on corporate networks become invisible, hidden on home networks.
Cybercriminals took advantage of this expanded attack surface to launch phishing, vishing and ransomware attacks. In a recent independent survey conducted on Juniper’s behalf of a thousand CIOs and CISOs across nine countries*, 73 percent stated that “In light of the recent pandemic, my organization’s network and security has sometimes struggled in terms of the added business demands that have been placed upon them”.
With that sobering statistic in mind, life won’t return to “normal” anytime soon, and the need for employees to work remotely will remain. Organizations need to pause and rethink how they approach security to support this new paradigm with a focus on increased visibility and faster response. Otherwise, cybercrime will continue to evolve and take advantage of remote working as the easiest point of entry into their network.
Security Budgets will Suffer in 2021
For several years now, cybersecurity has been one area where investment and budget growth are constant. The security team has positioned successfully with insights and future trends, and the business sees strength in security as both a regulatory need and a competitive advantage.
However, in 2020 we saw a change: investment had to be brought forward to support remote working, and a rapid move into cloud-based software services, all driven by the pandemic.
Now, 2021 may see reduced spending on security, and an increased need to demonstrate fast value from previous security investments. In fact, in a recent independent survey conducted on Juniper’s behalf of a thousand CIOs and CISOs across nine countries*, 70% stated that “The pandemic may limit and restrict my organization’s future planned spending on network security.”
To prepare for this possible outcome, security teams need to think differently and leverage existing solutions more effectively, or deploy changes such as connecting to a secure DNS service, which would only carry minimal implementation costs.
Availability and Accessibility Puts Data at Risk
With more employees requiring access to more information, from more places, at all times, we’re likely to see a spike in data breaches and exposures in 2021. Too often, the business need to provide data is prioritized over safeguarding information and restricting data access appropriately, meaning more databases of information are available for malicious actors to potentially access and exfiltrate.
Combined with the adoption of 5G, which enables both attacks and data theft to happen faster and more discretely, it is likely that 2021 will suffer from growth in data theft. To reduce the risk, organizations need to consider basic security best practice before making any access changes to business data:
- Make sure that passwords are complex and regularly updated
- Ensure that role-based access is implemented to restrict and control overall access
- Heavily encrypt data, both at rest and in motion.
This combination will help to ensure that hackers end up with a useless batch of restricted data rather than sensitive business information, should they gain access.
Implementing and Securing a Distributed Workforce
With the significant rise in remote work due to the on-going pandemic, businesses in India are challenged with finding new ways to leverage IT to deliver a successful work-from-home operating model, while ensuring reliable and secure connectivity.
To enable a robust remote workforce, organizations will require the agility to adopt new technology. Building new IT infrastructure on top of legacy systems within data centers are no longer the solution. In this era, cloud will lead the way. As such, it is paramount that security remains at the core of this new technology adoption amidst a new wave of remote workers.
However, this has also given way to a broader cyberattack surface. Therefore, to mitigate the increasing number of threats in the network, organizations need to integrate new policies and processes to address these new challenges, while implementing security solutions that are seamlessly integrated across the full stack of cloud delivered services.
Rohit Sawhney
Juniper Networks India
*Research conducted by Vanson Bourne in June/July 2020, in France, Germany, Israel, Italy, Netherlands, Saudi Arabia, UAE, UK and the US. Respondents drawn from organizations of 1,000 employees or more.