Learning from the events of 2020 will help businesses protect their systems, data and operations more effectively, writes Glen Maloney, ANZ Regional Sales Manager, ExtraHop.
It’s probably safe to say we’re all happy to see the back of the annus horribilis that was 2020. While a mass vaccination program that may herald the return of life as we knew it, BC – Before Covid – is now imminent, the pandemic has changed the way businesses operate, here in Australia and around the world. In 2020, the power of technology came to the fore as countries locked down to halt the spread of the virus and companies turned to digital tools and technologies to help them continue to service their customers.
As we exited 2020, we saw the largest supply chain attack to ever cross our paths. And with that it has become starkly apparent – there is an extraordinary threat to viability and profitability of an organisation that comes with cyber-compromise or attack.
That’s why reviewing your security posture and, if necessary, strengthening your defences should once again be top of your To Do list in the new year. The process to decide upon investing in new technologies to help you detect and respond to attacks is complex. You may think you already have the tools you need, but it’s a broader problem than you think.
Here are three big picture security lessons that will serve Australian businesses well in 2021 and beyond.
Business continuity planning needs to be practiced
Was your business able to keep calm and carry on in 2020, even as government lockdowns and volatile economic conditions put paid to your best laid plans? The COVID crisis represented an extraordinary test for continuity planning which found many enterprises wanting. If yours was one of those left scrambling to respond, a continuity planning check-up may be in order – but rewriting your strategy to include a chapter on pandemics isn’t the way to go. Being resilient in the face of a loss of resources should be the end goal. That necessitates making your continuity plan broad enough to cover a gamut of events, from high-tech attack to mass adoption of remote working, to supply chain attacks to ensure you have the resources required to put it into practice at a moment’s notice. It’s advisable to run through test scenarios to understand if you have the right policies and procedures in place.
Legacy systems need to be monitored
Still relying on legacy applications to run your enterprise? While there may be a host of reasons why legacy protocols and solutions remain in use, they can represent a happy hunting ground for hackers. The pandemic has accelerated adoption for many organisations who are quickly moving to move applications to modern platforms using containers and microservices. You need to be extra careful to monitor applications during your migration, but once you get to the cloud that doesn’t mean smooth sailing. The same principles apply in the cloud as they do on prem. Using the network data to monitor hybrid networks becomes even more crucial to ensuring you can detect and respond to threats no matter where the application sits. While it may be true that applications will be more secure by design, adversaries continue to shift tactics and will be looking for that easy ‘in’ that will allow them to make mischief on your network.
If migrating to the cloud isn’t on your agenda in the short or medium term, conducting a comprehensive technology audit and identifying and addressing any vulnerabilities you find definitely should be.
CISOs belong in the C Suite
2020 will go down in the annals not only as the year of the pandemic but also as a wake-up call for the lengths attackers will go to execute extremely advanced attacks. A surge in malicious online activity – think ransomware, phishing and spear phishing campaigns – hammered home the fact that cyber-crime is an extraordinary threat and one that’s not going away any time soon. Chief Information Security Officers (CISOs) play a vital role in assessing risk, formulating defences, educating employees and advocating for the resources they need to protect the enterprise effectively from attack. They can do so far more effectively from a position of prominence than from the back room. That’s why elevating their role within the organisation – giving them a regular hearing in the boardroom and a permanent spot in the C suite – should be an imperative for Australian businesses that are serious about security.
Making your enterprise safer in 2021 and beyond
The next 12 months will be a time for businesses to regroup and rebuild and for many, that will be no easy task. Elevating your cybersecurity priorities is important but the attitude that you will be compromised must be part of your organisations planning. If network detection and response by monitoring network data isn’t part of your strategy you must consider it. Not only will it gain you unprecedented visibility inside your network (east-west) it is one of the only ways you will detect the stealthy threats that have bypassed endpoint and perimeter defenses. 2021 is a new start, ensure your most important data is protected as you tackle the challenges and opportunities that lie ahead.