Kamal Srinivasan, SVP of Product and Program Management at Parallels (part of Alludo), explains that technological advances require new approaches to dealing with cyber security threats.
“The only constant in life is change.” I’m very sure that when Heraclitus said this, he was not referring to the ever-changing cyber security landscape. But had he been, he would have been spot on. In the rapidly evolving technological realm of cyber security, the conventional approach to addressing cyber security threats that businesses face is no longer sufficient.
With the increased reliance upon technology to help businesses meet their internal and external goals, there is a necessity for a more robust and adaptive approach towards cyber security.
According to a recent survey by Alludo – in partnership with Qualtrics, featuring nearly 500 IT professionals, eight out of ten respondents stated that security is a top priority. Even still, with this increased importance placed upon cyber security, there were more than 79 million breached records in August alone.
It’s clear to see that the desire is there from companies to attack cyber security threats head-on, yet still, it wouldn’t be out of the ordinary to wonder why many cyber security breaches take place.
Technology is evolving faster than ever before
From cloud computing to Artificial Intelligence, the recent developments made in technology have led businesses from numerous sectors to implement new technologies to improve all aspects of business operations and customer satisfaction.
However, whilst doing this, reaping the benefits and capabilities of these technological advancements, they also at times inadvertently leave themselves exposed to cyber security threats.
An increased demand from both customers and employees for a more contactless on-demand experience has led businesses to invest in technology to meet both parties’ desires. At an ever-growing rate, cloud computing is being adopted to make data more readily available when customers and employees desire it.
41.4% of IT leaders reported that they were increasing their use of the cloud. A further 32.8% announced they were migrating on-premises workloads to the cloud.
This sudden shift to the cloud has undeniably improved operations for businesses from a productivity, flexibility, and collaborative standpoint.
Nevertheless, it has also left behind traditional security enterprise controls, rooted in the firewall-centric approach, making it increasingly more apparent that such and often used cyber security approaches can’t keep up with the new dynamic landscape.
There is no denying that in the future, the cloud will become more prominent in the way that businesses operate. Although IT decision-makers from businesses may be reluctant to do so, it is time to let go of the old and outdated cyber security measures and put in place newer approaches such as the Zero-Trust Architecture (ZTA). This approach operates under the principles that all entities are untrusted by default, least privileged access is enforced, and comprehensive security monitoring is implemented as is a core foundational requirement of secure remote access.
A ZTA approach challenges traditional thought processes and ways of working by assuming ‘trust in good, but control is better.’ This means that no user or system should be inherently trusted, no matter their location within or outside the network. Addressing the limitations of traditional enterprise controls and extending protective measures beyond the typical boundaries.
Double trouble: Tackling dual cyber security threats in a connected world
If the last few years have shown business leaders and IT decision-makers anything it’s that the future is unpredictable. Take the most conventional form of working now. No one would have thought that 47% of all workers would be hybrid and a further 11% were fully remote before the pandemic. But that’s where we currently find ourselves today.
The increase in employees working from both a hybrid and remote capacity though has had positives, it has also increased the chances of businesses falling victim to cyber security threats from a dual perspective. It shouldn’t be a surprise that with all the potential security threats out there such as phishing attacks, organisations plan to increase their security expenditures. 78% of IT leaders reported that they planned to up their security budgets either moderately or significantly in the coming year.
As all professional sectors increasingly become interconnected and work no longer has to be confined specifically to one place, it wouldn’t be a surprise if mobile devices and cloud computing become integral components of business operations. If they’re not already.
Bearing all of this in mind, businesses must invest in the necessary technologies such as remote application servers and remote browser isolation to deal with both external cyber security threats whilst employees work away from home.
In tandem with implementing the necessary technology, businesses should also implement a culture where all decisions by employees relating to data take into consideration the cyber security risks. Having principles as such whilst leveraging the right technology, gives businesses the best chance of not falling victim to cyber attacks.
The battle in the landscape will be continuous
According to IT professionals, the top three external threats to sensitive data in their organisations were malware and ransomware attacks (64%), cloud vulnerabilities (42%), and phishing attacks (38%). This isn’t a surprise considering the fact the dependability that has been placed on certain technologies such as the cloud.
But with the increased developments in other areas within the technological landscape, such as in AI, it wouldn’t be surprising if new avenues and loopholes arise for cyber attacks to take place.
So even though 59% of IT leaders have not experienced a security breach, organisations should not rest on their laurels. In today’s reality of hybrid and remote work, along with technological developments means that organisations must be forever alert and take a holistic approach to cyber security to adapt to the ever-changing landscape.
