The issue of cybersecurity has come to the fore in recent times with remote working being the norm for many people across the globe. In this environment of heightened risk, I discuss ways in which organisations can strengthen their guard against cybersecurity threats beyond traditional perimeter defence systems, and how adopting a zero-trust approach is key to achieving this.
The Continual Increase in Cybersecurity Risks in Today’s World
The coronavirus pandemic has hit cybersecurity hard. In implementing remote working arrangements to protect employees during this period, companies are now facing a situation where the amount of work processed outside the safety of internal company networks has increased. In fact, the sheer volume of data that needs to be secured with traditional perimeter defence methods has exploded. Not surprisingly, cyber actors have taken advantage of the situation, almost doubling the number of ransomware attacks alongside a sharp increase in critical and high vulnerabilities in security solutions such as VPNs over the past year.
At the same time, companies continue to look at accelerating their digitalisation with the adoption of cloud computing, 5G, and maturing technologies like edge computing. While such rapid innovations will allow companies to adapt quickly to secure market opportunities, better engage consumers, and personalise services at scale, the potential for security breaches arising from digital innovation is real. Data breaches, for example, can result in the loss of consumer trust and a long-term negative impact on companies.
Staying Ahead of the Game With Advanced Security Technologies
Regardless of where a company is on the technology curve and how it is unlocking new concepts of working and service delivery, companies need to stay ahead of the game by canvassing forward-looking solutions to fulfil the adage of ‘security by design’.
To achieve this, companies should undertake a fundamental overhaul of their network and security architecture. Perimeter defences, which are designed for the traditional office core and branch construct, are no longer adequate. Prevailing concepts such as the zero-trust paradigm and pro-active defence should be adopted.
That said, most companies cannot afford to start with a clean slate. In such circumstances, I recommend starting right with a zero-trust approach: this involves nailing down the to-be architecture with a vision of cybersecurity for the company that looks at the various technologies to be used and maps out how they are to be secured.
Having robust identity and access management is also critical to establishing good security and is usually a good way to begin one’s organisational transformation. Companies can look at secure access service edge (SASE) solutions that combine network and security functions with wide area network (WAN) capabilities to support their dynamic, secure-access needs.
The benefits of a SASE solution are also more easily identifiable to the company’s stakeholders. SASE reduces complexity in connecting diverse employees with multiple different devices and scenarios to SaaS, cloud, and on-premise resources, allowing for more consistent enforcement of security policies. SASE’s single-service model enables internal teams to focus on security effectiveness rather than the integration of various security functions. As a cloud service, SASE is readily scaled up or down and billed according to usage. This is an excellent feature, especially when companies need to experiment and fail quickly, and repeatedly, with new services for innovation. I believe this will provide a more sustainable solution to an organisation’s innovation needs.
The next step is to build pro-active defences to address future risks with good risk assessment practices. A threat modelling tool is useful for quantifying and visualising the threats, and it enables risk assessments to be conducted with speed and at scale.
Standing Guard Against Future Threats
Lastly, review the threat models whenever there is new threat intelligence on the cyber actors in your industry or TTPs (Tactics, Techniques and Procedures) of threat actors which your company is worried about. Adapt and improve your defence by closing any vulnerable links. De-prioritise a patch when a vulnerable asset is less at risk. A threat modelling tool allows for near-continuous risk assessment that enables intelligence-driven defence.
Better yet, add on a breach and attack simulation (BAS) tool to verify the defences continuously. A BAS tool automatically probes for security holes caused by misconfigurations or other factors, thereby freeing up human expertise to focus on more critical areas. Besides constantly improving security, threat modelling and BAS tools are excellent ways to communicate risks and the value of new controls to the board.
As Mediacorp’s Chief Information Security Officer (CISO), I have invested a significant amount of time and effort to build up models of the company’s networks, starting from the critical ones. I define various connection archetypes and associated security policies upfront, thus allowing users to simply pick the most suitable ones and proceed. This is much simpler than having to study every new requirement to provide a suitable security solution, which is especially important when you anticipate the need for many experiments to innovate work processes. Certainly in Mediacorp’s case, this approach enables more jobs, such as news editing or radio broadcasting, to be done remotely during these times. With this, I believe that consumers can look forward to better engagement through more high-quality, interactive content that is delivered to them.