From ‘Should’ to ‘Must:’ Overcoming IT Security ChallengesBy Claudio Martinelli | Thu, 04/15/2021 - 12:58
A popular measure for companies to combat the pandemic was to switch to remote work. However, with little time to make the transition, many had no time to enact proper security measures or train employees, leaving them vulnerable to a number of new security risks. As the first months of 2021 have demonstrated, the home office is and will continue to be the only workspace for millions of employees this year. However, a year after adopting this work model, some companies are still struggling to protect their network and employees against cyber threats.
One of the most common risks during the last 12 months has been attacks against the protocols used by employees to access corporate resources remotely. RDP is perhaps the most popular remote desktop protocol and is used to access Windows or servers. After the switch to remote work, brute-force attacks against this protocol skyrocketed. In a brute-force attack, attackers test different usernames and passwords until the correct combination is found and they gain access to the corporate resources. Over the past year, while the total number of brute-force attacks has ebbed and flowed, they have continued to increase when compared to pre-pandemic levels. In the case of Mexico, 98 million such attacks were registered last year.
Another trend that has been fueled by the work from home scheme is “shadow IT.” Whether it is messengers, file-sharing services or small tools for work or personal needs on corporate devices, the level of security in such applications can be obscure. Even if they are used with good intentions without approval from IT departments, doing so can still potentially lead to compromising corporate data or even a malware infection that would threaten an organization’s reputation. Add to that the usual threats of phishing, ransomware and malware and it is clear to see why the current situation poses serious cybersecurity challenges to companies.
However, there is no need for organizations to panic as a lot can be done on the cybersecurity front even while companies face budget cuts brought on by the pandemic. In 2021, outsourcing of IT and cybersecurity functions will be crucial to solve expertise shortages and save budgets.
Considering the main threats targeting countries like Mexico, these are the main trends for companies to monitor as we continue working remotely:
- Protecting the perimeter is no longer enough; home office assessment and certification will become a must. Tools to scan the level of security in a workplace, from the presence of software vulnerabilities to connecting to an unreliable or unprotected Wi-Fi hotspot, will be necessary. This will also require wider adoption of VPNs, privileged access management, multifactor authentication systems, the implementation of stricter monitoring, and the updating of existing contingency and emergency plans.
- Transition to a service model will enable required levels of IT and IT security with lower investments. According to Kaspersky’s survey, seven in 10 (73 percent) businesses in Latin America said they already plan to use a managed service provider (MSP) or managed security service provider (MSSP) in the next 12 months. This is for good reason as the service model helps to minimize capital investments and transition business costs from CAPEX to OPEX.
- Training for internal IT security specialists should incorporate management skills. Often, cybersecurity professions split into very narrow specializations, meaning that hiring staff for each specific role may be too expensive. This is where outsourcing can help plug the gap. However, businesses that outsource key cybersecurity components still need to focus on developing management skills for their in-house teams to handle those outsourced functions.
- There will be an increased reliance on cloud services, making dedicated management and protection measures necessary. The survey showed that in 2020, employees in 98 percent of enterprises and 99 percent of SMBs used non-corporate software and cloud services, such as social networks, messengers or other applications. This is unlikely to change when staff return to the office. To ensure that any corporate data is kept under control, better visibility over cloud access will be necessary. IT security managers will need to align themselves with this cloud paradigm and develop skills for cloud management and protection.
- Similarly, SMBs and enterprises alike are increasingly storing sensitive personal information in the cloud, often believing the cloud-service provider is responsible for the security of the data, which is not true. Cloud providers guarantee the availability, accessibility and physical protection of their service, while data protection still falls under the organization’s responsibility. In fact, it remains much more likely for organizations to suffer a breach due to simple and preventable staff mistakes. From defending themselves against the scourge of social engineering and conventional malware, to preempting targeted attacks, the responsibility lies with organizations to migrate their security solution licences or extend their protection to this environment.
Team members responsible for IT security across a business, from CEOs and CISOs to IT managers, all have their own set of challenges. However, these can be overcome by taking proactive actions to ensure an organization remains protected. These include gaining a full understanding of how specific threats are being carried out and where they are coming from, ensuring the protection of the data stored in third-party services, along with equipping remote employees with the right security solutions and policies to keep their home office networks safe and secure.