Whether you are managing cybersecurity, information security, operations security, or physical security, the sense of urgency to address the potential of attack or breach will continue to rise in 2021. With each year, the number of attacks, the amount of successful breaches, and the loss of important data only increase. The reason for this is there is no shortage of “malicious actors” out there—whether it’s organized crime, general criminal activity, or nation state-sponsored activities. Plus, the level of sophistication, the aggressive nature of the attacks, and the ever-increasing capabilities of tools and techniques make keeping pace with threats nearly impossible. It may seem like the attackers are always two or three steps ahead—because, unfortunately, they are. The challenge we all face is how to provide a comprehensive capability involving people, process, and technology to effectively protect, detect, and react against all forms of attack.
As an information security and risk owner, you have to identify and thwart every attack thrown your way. An attack happens every 39 seconds on the Internet, and while most of them fail, only one has to work. Phishing attacks, specifically, have increased 600% since February 2020, as malicious actors attempt to take advantage of new remote workers. And again, an attacker only has to trick one of your employees to gain access to your infrastructure.
Where the Industry Is Heading
More and more services and workloads are moving into the cloud. This is logical, as the scale and flexibility that cloud service providers (CSP) have available make for a very smart business decision. As you move more of your workloads to the cloud, security must be a key consideration. Building a strategy that focuses on business analysis and requirement for workload migration selection is key. Review of documented security policies and controls and assurance that they are applied to the migration process is essential.
Maintaining compliance is, of course, critical to your business, whether it be with external laws such as GDPR, or CCPA, with the NIST standards, or your own internal security standards. Most importantly, performing the proper security analysis and validation testing is a key part of the formula for success.
Gartner is now talking about the concept of cybersecurity mesh that governs the approach to architecture and controls. There are no longer well-defined physical security boundaries. Personnel accessing cloud services can be doing so from any device, anytime, and from anywhere. Traditional physical network access control is being replaced by access based on the user identity. This can be a person or device. Uniquely identifying every individual, or individual device, is paramount prior to granting access to services, applications or data. Using strong multi-factor authentication is critical to reducing the threat of credential stealing attacks. This is now the world we live in.
Identity and Access Control
As mentioned above, the world is moving to an identity-based access model. Employees want state-of-the-art devices to perform their jobs. Organizations want to enable users to connect from any device, anytime, and from anywhere. In order to support this securely, strong identity and access control systems will be required. Gartner refers to this segment as identity access governance (IAG). 2021 will see the demand for IAG grow significantly, as companies realize that once a user is on the corporate network, it may be too late to ensure effective IAG management. You must be able to ensure that every user and every user system are securely validated, and that access to applications or data is controlled at the individual user access level. Also, multi-factor authentication can significantly reduce the impact on user credential theft.
Zero-trust Architecture
“Zero trust” has been the new buzzword for the last several years, but it will become more prevalent in 2021. Zero trust means that you can no longer simply trust the users and resources that are within your security perimeter. This ties very closely back to comprehensive identity and access management, as well as proper authentication management before users, services, or resources are granted system access. There are several vendors that advertise their ability to perform in a zero-trust architecture, but the most important part prior to implementing any solutions is to determine your requirements, policies, and controls. Then focus on people, process, and technology together to ensure your architecture will meet your requirements. Any technology must work well within your operational parameters, meet your security requirements, and have the proper capability in concert with your security resources in order to provide protection, detection, and reaction capabilities when a breach occurs.
Cybersecurity Resources
The biggest challenge for 2021 is one of the most difficult to solve—there’s a shortage of cybersecurity professionals to meet the demands of the industry. Current figures show that approximately 3.5 million cybersecurity jobs will be left unfilled, because there simply are not the available resources to fill those positions.
What can you do about this? Certainly, training from within is a great option. Looking to third- party companies to step in and fill the void in implementation, testing, assessment, and ongoing management oversight will also be very necessary. There are many third-party companies that have expert cybersecurity professionals that can assist you in meeting your cybersecurity goals and objectives. The average cost of a security breach in the U.S is $8.6 million dollars. The average cost of a security assessment is between $15,000 and $50,000. Think about that! Connection’s Cybersecurity Solutions Practice is one such organization that can help you meet your integration, assessment, testing, compliance, and managed services needs. Reach out to a Account Manager today to find out more.
Stephen Nardone
Stephen Nardone, CISSP, is Director of Security Practice at Connection with over 38 years of experience in both the government side and the commercial side of the security business.
