There is no better test of defense than war itself. And for many organizations, the first half of 2020 may have felt something of a siege. In many cases, businesses had just a matter of days to scramble workforces into remote working garrisons. When that initial adrenaline wore off, no matter the level of organized management or strength of leadership businesses had, there was a collective and dooming realization that market uncertainty lay out ahead with no determinable end in sight.
In April, when the pandemic was in full force worldwide, TrustRadius reported a cessation of a software ‘spending boom’ as businesses began to cut costs. Marketing software… gone. IT support tech… we can make do. Project and task management subscriptions… they can wait. While enterprise tech fat was trimmed, other solutions took on greater value than ever before. Perhaps most emblematic of this statement, freemium, cloud-based video conferencing tool Zoom’s US$50 billion valuation in May saw it worth more than the world’s seven biggest airlines combined as daily downloads spiked 30x year-on-year.
More broadly, Cloud computing stocks reached record highs, and businesses began to reconsider whether a return to normality was truly the best direction for their organizations, teams, and industries. That initial panic steadily morphed into a drive for innovation and change – things were working, and businesses could do things differently, becoming leaner, more flexible, and more agile. Microsoft CEO Satya Nadella described the phenomenon as “two years’ worth of digital transformation in two months.”
Making cybersecurity central
In this pivotal year for business, the surge in digital transformation is about embracing new ways of working, but it’s also about galvanizing businesses to the sophisticated cyberthreat landscape. One positive to 2020’s turn of events is that industry has realized just what’s possible with today’s technology and that there is no other option than to be fortified against bad actors. The reality is that cybersecurity must be a core component of any business operating online, especially one operating remotely, as is now the norm.
The rising threat of cybercrime this year has been well-publicized. Cybercriminals were quick to exploit the disruption and public angst to their own gain, seeding pandemic-related phishing campaigns dressed as public information messages, even packing malware into fake video conference software installers – attackers played all their hands at once and, as formidable as the threat is, businesses are waking up to what they’re up against.
As workforces disbanded on to various private networks, surrounded by countless connected devices, most businesses’ attack surface was enlarged. This is the reality of an entirely digital playing field. By stepping on the gas in terms of digital transformation, businesses are driving headlong into a hailstorm of new cyber threats, from evermore sophisticated phishing campaigns, ransomware, cloud misconfigurations, zero-day vulnerabilities, insider threats and, of course, the financial clout of associated data leakage fines. But businesses are far from unprepared.
Cybersecurity starts with personnel first, and businesses are now doubling down on implementing robust, airtight cybersecurity frameworks to follow in the event of a cyberattack. The most forward-thinking are gathering and analyzing detailed blueprints of their new and evolving networks, are installing safeguards and bulkheads to stem the devastation of a breach, and are instilling a culture of vigilance among their teams.
But, for all the strength of policy as a fundamental, businesses also require Teflon-coated armor and a lick of matte black paint, courtesy of a more advanced, competitive cybersecurity market than industry has ever had access to before. The enterprise never had better access to more cutting-edge defenses and alert systems to ensure their 2.0 transformation goes unrocked.
According to the IDC, spending on cybersecurity solutions has risen in 2020 and will continue to do so until the end of the year. The global market intelligence firm estimated that up to US$103 billion was spent in security solutions in 2019, a 9.4% increase from the previous year, and representing a trend that’s likely to continue as digital transformation initiatives become inextricably linked with cyber resilience, ensuring confidence in and delivery of business operations day-by-day, minute-by-minute.
In this new era of ubiquitous computing, security solutions don’t just sniff out threats, they serve as control planes for improving productivity and collaboration by giving end-users easier access to more corporate resources, ensuring secure remote access to resources, apps, and data.
Here, Tech Wire Asia explores four cybersecurity solutions geared at ‘new normal’ cybersecurity. The name of the game is Unified Threat Management, a mainstay of the cybersecurity arsenal, with four services that offer varying but rounded combinations of early detection and intrusion detection systems and security tools for proactively monitoring and countering threats to the business network.
Businesses now operate in a world of complex partner ecosystems, bringing vast capabilities and creating a plethora of entry-points for third-party breaches. Your enterprise might be locked down, but weak links may well lie among partners and suppliers, exposing your data and organization to cyber risk.
CyberGRX is a cloud-based platform designed to help today’s organizations identify, prioritize, and reduce third-party cyber risk. Ousting ineffective, static approaches to risk assessment, this sector-specialist has built the world’s largest cyber risk Exchange, featuring 80,000 inherent risk-scored participants and counting, and thousands of completed risk assessments.
From the starting point of the Exchange, organizations can rapidly identify, prioritize and reduce third-party cyber risk in a scalable fashion thanks to the crowdsourced data and insights captured.
Automated inherent risk insights enable organizations to identify who to assess and in what priority. CyberGRX’s comprehensive and standardized assessments produce validated data and risk insights into which third-parties have gaps that require attention, and what gaps should be prioritized for remediation based on the relationship in question.
Ultimately, this resource saves both businesses and third-parties hours of legwork manually assessing risk, and ensures enterprises can operate in confidence with their partners.
As digital transformation drives increased reliance on third-parties and vendors, an innovative and scalable approach to reducing third-party cyber risks is critical for organizations to operate securely in the digital era.
Social distancing regulations and guidelines compelled by COVID-19 have rapidly accelerated the shift to remote work, cloud adoption, and digital transformation. This has been a significant push behind the rapidly growing adoption of BeyondTrust’s Endpoint Privilege Management and Secure Remote Access solutions.
Although Privileged Access Management (PAM) has become a cornerstone of effective, modern cybersecurity defense, many organizations mistakenly equate privileged password management with PAM. But securing passwords is not enough.
What’s needed is a holistic approach to securing your entire universe of privileges across traditional, cloud, and hybrid environments.
The BeyondTrust Universal Privilege Management approach will set you up for success in:
- Minimizing your attack surface.
- Controlling privileged user, session, and file activities.
- Analyzing asset and user behavior.
- Adopting a low-impact approach to PAM.
- Implementing seamless integrations.
Why BeyondTrust may be a good fit for you:
- Provides the most robust, complete, and flexible approach for enforcing least privilege via just-in-time PAM capabilities across the platform, as well as via unsurpassed privilege elevation and delegation capabilities.
- Delivers a truly integrated platform that combines multiple capabilities, including reporting and threat analytics that mitigate risks.
- Jump-starts results with rapid time-to-value that enable customers to achieve leaps in cyber risk reduction and productivity enhancement, in hours or days.
Read more about the security offerings from BeyondTrust here.
Enterprises are endowed with renewed motivations to provide their customers with seamless, personalized experiences. More often than not, these relationships are built and nurtured through applications, often hundreds of them, if not thousands.
F5 Networks’ bread and butter is in application delivery networking technology that optimizes the delivery of network-based applications. The core focus here is enabling better customer experience through speed, reliability, and trust — underpinning that, of course, is a requirement for robust security.
F5’s BIG-IP Application Security Manager (ASM) is one of the renowned exclusive web application firewalls that secure web applications in virtual and private cloud environments. BIG-IP helps secure applications against unknown vulnerabilities. With the continued growth of web application traffic, an increasing amount of sensitive data is exposed to potential theft, security vulnerabilities, which is easily managed on BigIP.
Symantec’s Endpoint Protection is an all-encompassing platform built to defend against the targeted and indiscriminate, and the new and unknown. With a central management console, IT professionals can detect advanced threats such as malware, phishing attacks, and more in an evolving world of cyber threats.
Endpoint Security Customers can leverage Symantec’s insight and analytics platform to collect and collate cybersecurity data from over 200 million systems in 200-plus countries. It uses this data to identify and create a security rating for every file accessed through the Internet. As a result, it stops targeted attacks and advanced, persistent security threats with a degree of protection that far exceeds traditional antivirus software capacities.
Deployed as an on-premise solution, Symantec Endpoint Protection offers unified management across physical and virtual platforms, with granular security policy controls for enhanced flexibility and scalability, and the capability to run on several operating systems, including Windows, Linux, and Mac OS X.
*Some of the companies featured on this article are commercial partners of Tech Wire Asia