Many large enterprises in Australia spent last year wishing they had been better prepared for the pandemic.
They wish they'd been more prepared with dealing with political uncertainty in addition to the rapidly increasing number and changing nature of security threats.
Enterprise IT teams have had particular cause for concern. A 2020 report by Verizon discovered that large organisations were the victims of over 70 per cent of data breaches, most of which were found to be perpetrated by external actors. In other words, cyber attackers are targeting large enterprises and, more often than not, succeeding.
Financial reward continues to motivate attackers. But advanced threats also pose risk to the deep wells of data that enterprises are amassing. Much of this is sensitive data, resulting in negative consequences when those wells leak or are infiltrated.
The pandemic has confronted IT security teams with a continuous series of obstacles, in addition to the hurdles they already faced. With the number of challenges growing, there are a number of things businesses can do this year to protect their corporate networks.
Take cloud into account
There’s already plenty of conversation about whether cloud will reach its peak this year, with many organisations already having IT environments to some extent in the cloud. But all change, good or bad, brings new dynamics and new sets of diverse challenges with them. Cloud is no exception.
An increased attack surface is one of the implications of the complex nature of cloud. When traditional network perimeters are removed, the question of accountability must be asked. Whose responsibility is it to secure data hosted in the cloud – the cloud provider or the customer?
Misconfiguration of account privileges is one of the most common consequences of this misunderstanding, and by extension, one of the leading causes of data breaches. When default credentials aren’t reviewed, excessive permissions can allow standard users unnecessary access to sensitive data.
AI-powered automated tools that review user permissions and privileges can be of great use to IT teams trying to overcome this problem. They provide both a quick and effective way of discovering accounts with excessive privileges and removing any superfluous permissions for specific users.
Monitor and secure third parties
Whether customer service, consulting or supply chain services, outsourcing internal functions has become commonplace. Many of these third party services require access to critical internal resources and data to fulfil their obligations. These sensitive assets would cause significant harm to the organisation if disrupted or stolen.
This presents a problem for IT teams, especially given responsibility for security is then passed to third party partners. While you may trust your own security measures, policies and protocols, can you trust theirs?
In fact early last year, Western Australia’s P&N Bank disclosed to customers that it had been the victim of an attack that happened during a server upgrade on a third party company the bank engages to provide hosting services.
This could happen to any business using third party vendors. The impact an event like this has on reputation, as well as a company’s finances, is deep.
The privileged accounts of all external operators must be constantly managed and monitored. They must be secure, structured and multi-levelled, granting third parties enough access to carry out their jobs without putting the organisation at risk of a punishing data breach.
Advanced security-as-a-service packages are well worth consideration for businesses hoping to ease the burden of monitoring and management on their IT team.
Educate and monitor remote employees
The most evident challenge over the past year was the transition into home offices from the traditional corporate workplace. IT teams were thrown into a maelstrom of consumer technology trying to connect to central corporate networks. Whether an employee’s home Wi-Fi router or their personal laptop, the huge number of new devices introduced posed a variety of security risks.
This challenge is only going to continue throughout this year as many organisations in Australia continue to offer hybrid working conditions, which means the security threats will have to be managed.
The approach many businesses take to this challenge adds to the problem. Far too many businesses are over reliant on security policies to keep bad threat actors out of their networks. These are almost never enough by themselves, with many employees not aware of or ignore corporate security policies. More must be done.
A lack of user friendly processes is a common reason policies aren’t followed. Businesses may recognise the importance of security, but the processes implemented are too difficult for employees to use, creating friction in the user experience. In the end, people find shortcuts in the pursuit of efficiency and ease of use.
A balance must be struck to address this problem. Employees must first be educated on the importance of adhering to security policies, but in turn IT teams must adopt tools and processes that help minimise disruption to the wider business.
Prepare for the inevitable
Cloud computing, the increasing use of third parties and hybrid work environments will all continue to pose a challenge to the resilience and security of large organisations this year. But with the right advice and investment, there’s no reason why your organisation’s sensitive assets shouldn’t be safer.
Andrew Slavkovic is a solutions engineering manager of ANZ for CyberArk.