Virtualization Technology News and Information
Article
RSS
Looking Ahead: Three New Security Risks and Trends in COVID-19 Era

By: Vinay Sridhara, CTO of Balbix

As the global pandemic has rolled on, malicious actors have capitalized on rapid shifts in the workforce to launch attacks against organizations of all sizes and across all industries, and their employees. The majority of companies rapidly transitioned to remote work, which, combined with opportunistic adversaries, has spiked risk levels as the extended perimeter becomes more and more difficult to control.

In light of these challenges, CISOs must stay ahead of shifts in the threat landscape and keep abreast of new attack trends. Below, I outline my predictions for the top three security trends for the latter half of 2020.

1.       Breaches Related to Compromised Credentials Rise

With the rapidly shift to a remote workforce culture amid the pandemic, companies have adopted new digital services and online telecommunication tools to support business continuity. With the onslaught of more users adopting new digital accounts and applications, there is a corresponding increase in the number of online accounts, both personal and work related, that a company's employees manage. This opens up risk for an organization and will likely result in an increase in breaches caused by compromised credentials.

80% of hacking-related breaches are still due to compromised, weak and reused passwords. This is especially concerning given that 99% of users reuse passwords not once, but 2.7 times on average between and across work and personal accounts, according to a recent report. As remote workers rapidly expand their digital footprint across more and more applications, organizations must make strong password hygiene a top priority.

2.       Adoption of Automated Tools to Manage Risk Increases

With the increased likelihood of remote work long-term, organizations need to be prepared for heightened risk that comes from an increased use of cloud, potentially insecure home networks, shadow IT applications and additional third-party software tools. To manage risk across a highly distributed digital ecosystem, the enterprise will turn to automated risk management tools that enable security teams to maximize limited resources across the expanded digital ecosystem.

By leveraging automated security tools, organizations can develop a dynamic understanding of the assets in their network, the potential impact of each risk and what risks are the most likely to be exploited. The result is an always up-to-date, prioritized view of the most impactful moves an infosec team can make at any given time to minimize the likelihood of a breach.

3.       IT Consolidation Becomes a Top Priority

Unfortunately, the pandemic has taken a toll on the economy, and we can expect cost cutting and IT consolidation to become hot topics for the foreseeable future. Security leaders will begin to shift priorities and focus on how to effectively eliminate overlap and waste within their operations. This is a vital undertaking, given that the typical organization wastes about 37% of their budget on unused software, resulting in thousands, if not millions, of dollars spent on redundant products.

Successful IT consolidation is accomplished by ensuring a complete, accurate, up-to-date IT asset inventory and categorization of all the hardware and software assets connected across a network. However, with the dynamic nature of today's organizations, having the ability to see everything is simultaneously more difficult, and more important than ever before. Fortunately, CISOs can leverage advanced tools that utilize AI to continuously build and automatically update inventory on an ongoing basis.

By consolidating various cybersecurity point products and by identifying and removing unused software, cost savings are achieved, and efficiency is maximized.

##

About the Author

Vinay Sridhara 

Dr. Vinay Sridhara has more than a decade of R&D experience in Wireless communication, Security, and Machine Learning. Prior to joining Balbix, Vinay worked at Qualcomm Research for over 9 years, where he worked on wireless networking, mobile security and machine learning. While at Qualcomm, he served on several IEEE 802.11 working groups and contributed to several core areas in these standards. Vinay has a Ph.D. in ECE and Masters in CS from USC and University of Delaware. He has authored many research papers, and holds over 100 patents. Vinay is on LinkedIn at https://www.linkedin.com/in/vinay-sridhara-190467/. For more information on Balbix, please visit its website, www.balbix.com

Published Monday, July 27, 2020 7:34 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<July 2020>
SuMoTuWeThFrSa
2829301234
567891011
12131415161718
19202122232425
2627282930311
2345678