Avoid Becoming Cyber Bait While Navigating Uncharted Waters

Note: This was previously published on Security Boulevard.

As the world navigates the unchartered waters of a global pandemic, organizations must reevaluate their security strategies to avoid falling prey to threat actors lurking beneath the surface, while simultaneously delivering a stellar customer experience.

We are living through extraordinary times where organizations spanning all industries have been forced to reduce their digital transformation (DX) timelines from years down to mere months. Simultaneously, businesses have been challenged with maintaining high-quality end-user experiences and improving security with limited resources. That said, with change comes opportunity to both learn and adapt for the future.

As TV viewers tune into Shark Week on August 9 to educate themselves about sharks, their habits and behaviors, similarly, network operators (NetOps) and information security (InfoSec) leaders must study potential attackers to better understand their motives, how to navigate the unchartered waters of change and disruption and to ensure better visibility across their organization. I recommend NetOps and InfoSec leaders take these four steps to ensure a strong security strategy amid these challenging times:

Get Visibility into Murky Waters

Like a great white shark attacking from below, threat actors are constantly lurking within an organization’s network, looking for an opportune moment to turn dwell time into a full-blown attack and leave catastrophic bite marks. With a massive increase in network traffic and an expanded attack surface due to the pandemic-induced fluid workforce, InfoSec teams need full visibility to secure and control a wide range of devices, users, data and applications.

Attacks often occur close to shore where swimmers are complacent in familiar territory. Similarly, organizations may fall prey to the insiders within their walls and must trust no one. This mindset, known as Zero Trust, provides organizations with the ability to authenticate and protect the organization, it’s users, devices and data at a much granular level. 

Grab Your Lifeguard Stand and Binoculars

As organizations understand the importance of a Zero Trust mindset, the next step to ensure happy beachgoers involves a close inspection of what they need and when they need it.

Lifeguard chairs typically stand around six feet tall, allowing lifeguards to overlook beach activity. With binoculars in hand, complete visibility can be realized. Like a lifeguard, the foundation of providing an exceptional customer experience lies within understanding customer needs and then providing solutions to satisfy those needs. For example, as a lifeguard sits six feet above beach goers, they may see a child stub their toe and in need of a Band-Aid, a swimmer in distress or a shark swimming nearby. As lifeguards keep a close watch on civilians, they can offer personalized experiences built on all of the information collected.

InfoSec and NetOps teams are no different. With visibility into a user’s data, both encrypted and unencrypted, an organization can quickly spot the anomaly and deliver the appropriate solution to ensure a high-performing and secure customer experience.

Bundle Preventative Measures to Avoid a Hefty Hospital Bill

There are a number of tips people can follow to avoid being bitten by a shark, including swimming in groups, avoiding shiny jewelry and avoiding swimming at dusk or while bleeding. In or out of the wire, the more guidelines you follow, the safer you will be. Now that visibility is clear and organizations have their customers top of mind, InfoSec and NetOps leaders must review their security infrastructure and fill in the gaps in their guidelines.

According to a 2018–2019 report, the average cost of a cyberattack is $1.1 million, making it essential that organizations invest in security and detection tools that will bolster their security posture. That said, organizations are being forced to do more with less given recent budget and resource cuts, so they are looking to optimize their current tools and bundle solutions together for a reliable, holistic approach to security. Increasing ROI during times of budget and resource cuts is critical.

In order to efficiently manage resources, and even save money, chief information officers (CIOs) should optimize their existing infrastructure, tools and application solutions to free up operational expenditures (OpEx) and resources that could be better spent on higher impact, customer-focused DX initiatives that prepare them for the New Tomorrow.

No Matter the Beach, Stay Vigilant and Protected

There are over 500 species of sharks around the world, so no matter what body of water you are enjoying, it is critical to be aware of your surroundings. While shark attacks are rare, being a victim of a cyberattack is not, so organizations must be on continual alert. As organizations adapt to a fluid workplace where employees are working from home, their office or somewhere in between, InfoSec and NetOps leaders must continually adapt to these changing circumstances. In order to do this, organizations must implement easy-to-use, secure and scalable SaaS-based applications, such as video conferencing and collaboration tools that are designed to leverage high bandwidth internet. Having adequate security tools in place and visibility into the network of fast-running apps and information in motion is critical.

As these new working patterns and applications are adopted, organizations must support a seamless experience for employees by ensuring the availability of the tools and data that employees need to be productive, while keeping security of both remote and office environments top of mind.

Being agile, running lean and doing more with less are the keys to success as organizations navigate uncharted waters. Organizations that follow these four steps will emerge stronger and well equipped for growth that is backed by an agile, scalable and secure network. Only with complete visibility and analytics across physical, virtual, cloud and multi-cloud networks will organizations be able to swim fast and stay secure to avoid becoming shark bait.