The Digital Transformation continually advances and, according to experts, so does the risk of a cyberattack. It is key to be prepared. At any moment, hackers can do their thing and bring an end to the business. For this reason, organisations are looking for a way to better manage risks in the new normal, where teleworking is combined with going back to the office and, therefore, to corporate networks.
Going forward, companies must do two things: raise the awareness of all employees regarding cybersecurity and have a plan to restore programs very quickly and with the least impact on business continuity. The logical thing is to think that technology is going to save your life. While it’s true that it can help, what will make the difference is the experience of the consultants who will develop the service.
Security is a combination of processes, people, and technologies. Simply having a solution does not guarantee anything. The fundamental thing is to surround yourself with talent so that security is inherent to the business at all its levels. It is important to pay attention to data gaps. In the United States for example, organisations face high costs, averaging $8 million per offence, 5% more than in 2019, due to a complex regulatory landscape that can vary from state to state.
Experts warn that companies are not giving enough importance to cybersecurity. They are guided more by cheap solutions than by those that look for the robustness and quality of the system. This is a serious problem, since cybercriminals often target countries where security measures are more lax.
The general trend in the business world, especially of those who have not yet taken the step to offer their processes, fragmentation, and the scarce use of methodologies to organise security, is that while there is some protection, it is not connected, which does not allow correlations. Added to this is the inability to prioritise relevant information and problems with updating said information quickly.
In this scenario, where teleworking is a very widespread practice, the IT-based perimeter where the remote user was an exception and the use of the cloud was limited has become obsolete. The focus must be deeper and more central, since first it was decided to use VPN and redirect traffic to the corporate network, which is leading to congestion problems. This is not the only obstacle. The use of personal devices also exposes the assets of the company to possible external attacks.
About the issue of VPNs, experts say that they were created 20 years ago to offer an encrypted channel between two networks, that is, they were not created to be used at scale within the organisation. In the current situation, it is the employees who have become the main attack vectors. The ideal is to train them so that they can protect themselves and safeguard the data they access and create.
To respond to the challenges, we recommend extended network visibility, so that the moment an attack occurs there is agile response capacity, as close to real time as possible. Thus, you will optimise your business practices and take a step towards a digital state that guarantees business continuity and promotes growth, increasing the productivity of your employees. This shield will be essential due to the emergence of hybrid and multi-cloud environments, which require a single platform on which activity can be correlated throughout the digital infrastructure that allows for a global context.