A new enterprise perimeter and the cybersecurity raising challenges

By Andrew Howard, Chief Executive Officer at Kudelski Security

The security industry has faced a variety of challenges throughout 2020. The pandemic put pressure on security and IT operations and shone a spotlight on underlying issues many organizations were facing in terms of their digital transformation and security posture. If that wasn't enough, the threat landscape also shifted and is now more volatile than ever.

As security leaders prepare to handle what lies ahead in 2021 and beyond, there are three key trends they should pay special attention to: the increase in adoption of policy-based security models, new ransomware threats and greater utilization of artificial intelligence.

Adoption of policy-based security models

The prospect of moving an onsite workforce to a remote setting had a huge impact on many organizations, as they realized they weren't ready for such a dramatic shift. Moving to remote work due to COVID-19 exacerbated the shortcomings of the traditional enterprise perimeter security model. This led to more organizations choosing policy-based security models, such as Zero Trust, to ensure the protection of their employees while remote work continues to be a norm.

As remote work becomes more normalized - beyond the pandemic -, rather than equating trust to a corporate network location, a Zero Trust model analyzes information about the user, data, applications and devices to contextualize security risks and dynamically adapt access rights. Successful adoption will depend on organizations fully integrating various tools within their environment, from authentication systems and network security appliances to endpoint detection and response.

Increase in data breaches and ransomware attacks

Attackers are constantly changing their methods, resulting in new and evolving risks. It is important for companies to be prepared and aware of new threats to stay ahead of them and protect their data from any potential compromise.

Looking ahead, companies should expect to see an increase in ransomware, with bad actors increasingly threatening to expose encrypted files if they refuse to pay a ransom. Organizations have begun to do a good job in building, testing and operationalizing their office backup strategies to mitigate the risk of ransomware. Unfortunately, most of these organizations have failed to mitigate the actual risks, if data has been compromised before - whether directly from the company or through third parties - threat actors will still be able to gain a foothold into the company's assets. The focus moving forward should fall into ensuring they have robust backup and data recovery strategies that can help address the systemic weaknesses attackers are exploiting.

We're also going to see a considerable increase in the use of illicit Auth 2.0 grants to compromise accounts. In general, organizations have created better phishing awareness programs, increased multifactor authentication, and created rules to detect anomalous logons; however, attackers have shifted to trick users into Illicit Oauth 2.0 grants. To prepare, companies should limit which applications can request OAuth 2.0 grants from end users or disallow specific OAuth 2.0 scopes from ever being granted.

Utilization of Artificial Intelligence

We will see an increased utilization of AI particularly within the IoT and OT industries, given the technology's ability to help automate many tasks to reduce costs and improve productivity. However, as security leaders decide to adopt AI, they will need to prioritize the integrity of the data and make sure basic cyber hygiene protocols are in place.

Utilizing AI without the basics - from asset and patch management to user awareness - will only exacerbate the number of breaches we will see, as simpler exploits will be able to leverage any weak spots.

Looking ahead to 2021 and beyond, organizations need to be prepared to secure their resources no matter where they are accessed from. Leaders will need to make sure they add security-based policies to their business continuity plans as well as understand all the threats' shifts and how to adopt new technologies to mitigate potential risks.

##

About the Author

As CEO, Andrew focuses on expanding the international footprint for Kudelski Security's unique blend of cybersecurity capabilities. This includes working with clients, partners, and new strategic alliances to optimize approaches to minimizing cyber risks. Prior to becoming CEO, Andrew served as Kudelski Security's Chief Technology Officer and was responsible for the evolution, development and delivery of the organization's technology strategy and solution architecture.

Andrew has over 15 years of experience in the cybersecurity market and has extensive experience as a security architect, strategist and technical leader. Prior to joining Kudelski Security he led an R&D laboratory focused on national defense challenges at the Georgia Tech Research Institute and also served as advisor on emerging security threats to Fortune 250 CISOs and government bodies.

Andrew has an MBA in management of technology, a master's degree in information security, and a bachelor's degree in Computer Science from the Georgia Institute of Technology.