Article-security_trends

Almost every business, in some way, was forced to alter its operations due to the pandemic. When the first lockdown hit, flexible working was not on many businesses’ agendas, but COVID thrust them into a situation that left them no choice – do it or fall behind.

The problem, however, is that these “situational reactions” were not adequately thought through or methodically planned, which is crucial when securing a virtual workspace.

Now, nearly two years later, the solutions that were intended to be temporary have become permanent, cementing lax security into place.

As we enter 2022 – and another year of COVID – businesses need to take a step back and re-evaluate their remote working and security strategies, especially if they’re to keep up with these trends we see in the market:

1.     The risk landscape continues to evolve

Businesses tend to prioritise productivity and continuity over security when implementing remote and hybrid working arrangements. When employees needed quick access to data and systems, many companies based their decisions on technology and not security.

With the enactment of the Protection of Personal Information Act (POPIA) last year, and with people accessing company information from all sorts of devices and connection points, this lax approach to security – and especially mobile security and device management – will soon catch up to businesses.

The risk landscape is bigger than it’s ever been, and a business’s obligation to secure data must become a priority.

2.     Disinvestment in multiple technologies and vendors

The increase in COVID-driven cloud adoption has resulted in a drive to consolidate and simplify the number of solutions and vendors in the technology stack. That’s because the more tools a business has, the more complex and expensive it becomes to manage and secure the network. And the by-product of more tools is more alerts and a noisy environment that makes it easier for threats to go unnoticed.

The Holy Grail of security ensures all tools and solutions work well together, making the sum greater than its parts. Getting this right requires a mindset shift from wanting the “best-of-breed” Magic Quadrant solutions to making technology decisions based on how well they integrate with existing infrastructure and how the addition – or removal – of a solution will reduce risk exposure and/or increase operational complexity.

3.     Behavioural analytics will do the heavy lifting

The “alert issue” will never go away and has been a sore point for many security engineers.  As we add more granular security, we increase the amount of visibility and alerting. While this is not always a bad thing, it can become challenging for an SOC to differentiate between alerts or distinguish serious threats from minor incidents.

That’s why businesses are increasingly using behavioural analytics, supported by artificial intelligence and machine learning, to identify deviations in user behaviour in real-time. Coupling this with event correlation and presenting a much simpler output and context-rich data to the security team allows them to quickly identify and action alerts and incidents that matter.

4.     Zero Trust adoption

The dissolution of the perimeter has made security boundaries challenging to define and protect using traditional mechanisms and concepts. Identity has become the new perimeter and a ‘zero trust’ approach has gained traction as a concept and security model.

In simple terms, zero trust is about removing all assumed trust and continuously evaluating and enforcing security policies in a dynamic manner against users, devices, and applications or services. With continuous behaviour assessment using advanced analytics, businesses can move away from static, ineffective security policies designed to create walled gardens toward dynamic rules that respond in real-time to user and environmental behaviour.

5.     Rise of SASE

Cloud adoption and ‘work from anywhere’ has placed demands on network and security to scale elastically without sacrificing visibility and overall security. Furthermore, a focus on data in motion and at rest, as well as cloud application awareness, has created a market for security services and controls that can meet these needs.

SASE relies on zero trust as a core security principle and provides connectivity and protection mechanisms between users and cloud applications, as well as visibility and enforcement between applications.

By consolidating numerous security and networking functions into a single managed cloud service, SASE reduces complexity and costs, enhances access and security, and enables fast and secure cloud transformation.

6.     Cyber insurance will become commonplace (we hope)

It is likely that every business at some point will experience a variation of a cyber-attack. Whether this is a denial of service against a website, or ransomware finding its way onto critical corporate data, the impact could be significant. More concerning is that these kinds of breaches have been successful against global companies that spend millions on security products and technologies and have experts working around the clock to monitor, detect, and remediate breaches.

Clearly, even the best products deployed by specialists are sometimes not enough. While each company should perform a reasonable amount of due diligence in accordance with their needs, there quickly becomes a point of diminishing returns. A trend is emerging to mitigate the risk by passing it on to someone else – in this case, cyber insurance companies.

For a fixed cost, businesses can manage the risk presented by cyber-attacks with clear aid and outcomes, which will recover damages and costs and ensure business continuity going forward. Cyber insurance, we hope, will become a common discussion when security is mentioned.

Security first, always

Hybrid working will become standard operating procedure for many businesses, if it hasn’t already. To support this level of flexibility, businesses need to move away from technology strategies and adopt security-first strategies to succeed in a hybrid working world.

Knowing what to do next can be overwhelming, especially for businesses with a less mature security strategy. Find a tech-agnostic MSP that takes the time to understand your business and is happy to be guided by your security framework. Contact us at three6five. We’ll get the ball rolling.