The last few months have seen enterprise IT changes at lightning speed. The pace is unlikely to slow.
As the pandemic led to national stay-at-home orders, hundreds of millions of workers suddenly found themselves working from home. As internet traffic increases, it’s not only coming from an increased number of remote workers but also from a spike in online video streaming and gaming.
Companies needed to expand and transform their application availability and security perimeters overnight to address the surge in external application traffic and increased security demands. At Radware, many of our large enterprise customers turned to us during this time for guidance on how to maintain business continuity with minimal disruptions under these extreme conditions.
Cloud providers can provide virtually infinite scalability, and we’re seeing many companies accelerate their investment into public environments. At the same time, the increase in working from home has expanded the attack surface, with more people working from desktops on unsecured home networks.
These trends will endure. And it’s time for security teams to develop long-term strategies.
[You may also like: There’s No Silver Bullet to Deal with Cyberattacks]
Attackers Take Advantage Of Chaos
Unfortunately, many companies’ business continuity plans did not envision the effects of the pandemic. Rather, they were focused on disasters that shuttered offices but allowed them to work at backup sites. With many organizations unprepared, attackers have stepped up their responses, and a number of trends will likely continue in the future:
• Expect more zero-day attacks. Most hackers don’t have the technical skills to deploy and exploit zero-day vulnerabilities. Instead, they typically buy tools from organized crime groups. But we’re seeing more zero-day attacks this past year, particularly as it relates to the theft of intellectual property against high-value targets. That tells us that well-funded organized crime groups and nation-state level intrusion teams (the only groups that are likely to have access to zero-day hacks) are taking advantage of the chaos in enterprise IT.
• DDoS attacks are likely to become more prevalent. In March, our cloud DDoS (distributed denial-of-service) mitigation systems blocked 300,000 attacks globally, representing a two-fold increase over February. Increased reliance on SSL (Secure Sockets Layer) connections may make it easier to launch successful attacks with fewer resources because the resources required by the server to handle the handshake are significantly greater than those required by the initiator.
[You may also like: Why You Should Reconsider DDoS Mitigation from Public Cloud Providers]
• Phishing scams and credential theft are much riskier. When the U.S. government announced that it would send $1,200 to adults in the U.S. as part of a pandemic economic response plan, we saw a wave of phishing scams and attempted credential theft. In Germany, the failure to put in place a citizen verification procedure allowed fraudsters to steal millions of euros during the crisis. When businesses rely on remote access and public clouds, stolen credentials offer the keys to the kingdom. Security teams need full visibility into their cloud environments to ensure that the principle of least privilege is being followed.
• Where business goes, bots will follow. As businesses increasingly rely on e-commerce, expect to see an increase in malicious bot traffic, which can tie up inventory, conduct price arbitrage and scrape content.
Security For The Long Haul
The changes brought about by the pandemic are the new normal. When the global economy gets back to work, it’s likely that fewer people will return to offices and more people will work from home. The changes in the enterprise IT environment mean that the threat landscape will also evolve.
Many IT teams are still handling the massive capacity increases and now must also refocus their attention to long-term safety and security of their networks. Here are a few places to start:
• Develop a pervasive and regular employee cybersecurity training program. Through regular cybersecurity training, employees can better identify and react to threats. This should include information about phishing, password protection, etc.
[You may also like: Security Jobs: What’s Hot and What’s Cooling]
• Automate cybersecurity incident responses with security orchestration. Cybersecurity hackers are using automation to boost their attacks, and organizations must counter this by automating their defenses and orchestrating their security policies. Automating incident response activities improves the efficiency and effectiveness of incident response.
• Use machine learning to automate tasks. Rely on algorithms to perform tedious and repetitive tasks. This allows security analysts to be freed up to focus on higher priority responsibilities.
It’s important that executive management heads up the creation of the company’s long-term security plan, and it’s vital to communicate the value and investment of automation and orchestration.
[You may also like: 4 Tips for Securing Your Public Cloud for Remote Work]
Best Practices For The Long Term
• Keep your company productive. The first priority is to keep your company productive in the short-term, which means keeping applications available. In the aftermath of the pandemic, organizations will continue to support remote access to applications to keep people productive.
• Ensure VPNs are available. Virtual private networks (VPNs) may need to be updated to accommodate larger volumes of people and traffic. To protect against a loss of connectivity, VPNs should be redundantly clustered.
[You may also like: How to Protect Your VPN: Lessons From a DDoS Attack Test]
• Invest in IT security tools. The best IT security strategy covers your company for the long term. This means investing in security tools that use artificial intelligence (AI) and positive security models to identify zero-day attacks and partial decryption of SSL traffic for DDoS mitigation.
The decisions and tools that organizations choose now, and the training they provide to their employees, will have enduring effects on security for years to come. It’s crucial that companies get it right.
Note: A version of this article originally appeared on Forbes.com.
work from home is good option and is a kind of necessity in this pandemic situation. Hope this situation will get over soon.
Thanks for the detailed article Anna!
All points are valid and I totally agree that regular employee cybersecurity training programs are a must!
Indeed we are all in a Marathon now or maybe even a Triathlon…
Stay Safe and Be Smart!!!
Article writing is also a excitement, if you know then you can write otherwise
it is complicated to write.
Fantastic beat ! I wish to apprentice whilst you amend your site, how could i subscribe
for a weblog web site? The account helped me a applicable
deal. I had been a little bit familiar of this your broadcast offered vibrant clear concept
May I simply just say what a comfort to find somebody who genuinely knows what they
are talking about over the internet. You actually know how to bring a problem to light and make it important.
A lot more people ought to look at this and understand this side of the story.
I was surprised that you are not more popular because you most
certainly have the gift.
I delight in, result in I discovered just what I was taking a
look for. You have ended my four day long hunt! God Bless you man. Have a great day.
Bye
The Illuminati is an elite organization of world leaders, business authorities, innovators, artists, and
other influential members of this planet. Our coalition unites influencers of
all political, religious, and geographical backgrounds
to further the prosperity of the human species as a whole.
Contact us
Phone: +14433517928
Thanks for finally writing about > Work From Home Was The Sprint, Now Comes The Security
Marathon | Radware Blog < Liked it!
Thank you for every other informative blog. The place else could I get that kind of
information written in such a perfect way? I’ve a mission that I’m just now running on, and I have been at
the glance out for such info.
What’s up, its good article on the topic of media print, we
all know media is a fantastic source of information.
I am really thankful to the holder of this web page who
has shared this enormous piece of writing at here.
Ꮤhat’s Happening і аm new tο this, I stumbled սpon tһіs Ι hace fοund It aƄsolutely սseful and
iit has aided mе out loads. I’m hoping to gіve
a contribution & aid ԁifferent customers ⅼike its helped me.
Grsat job.
It’s hard to come by educated people on this subject, however,
you sound like you know what you’re talking about!
Thanks
It’s awesome for me to have a web site, which is helpful for my experience.
thanks admin
Have you ever thought about writing an e-book or guest authoring on other blogs?
I have a blog centered on the same information you discuss and would love to have you share some stories/information. I know
my readers would enjoy your work. If you are even remotely
interested, feel free to send me an e-mail.
Thank you for every other informative blog. Where else may I
get that type of information written in such a perfect manner?
I’ve a venture that I am just now running on, and I have been on the look out
for such info.
Hi terrific website! Does running a blog like this take a great deal of work?
I’ve very little knowledge of programming however I was hoping to start my own blog in the near future.
Anyways, should you have any recommendations
or tips for new blog owners please share. I understand this
is off topic but I simply wanted to ask. Kudos!
It’s a shame you don’t have a donate button! I’d certainly
donate to this fantastic blog! I suppose
for now i’ll settle for bookmarking and adding your RSS feed to my Google
account. I look forward to brand new updates and will share
this blog with my Facebook group. Chat soon!
I am truly thankful to the holder of this web page
who has shared this enormous paragraph at at this time.
What’s up friends, its impressive piece of writing regarding tutoringand completely explained, keep it up all the time.
You’re so cool! I do not believe I’ve read anything like this before.
So great to discover this!
Admiring the dedication you put into your blog and detailed information you
provide. It’s awesome to come across a blog every once in a
while that isn’t the same old rehashed material.
Great read! I’ve bookmarked your site and
I’m including your RSS feeds to my Google account.
I have read so many posts about the blogger lovers however this article is really a nice article, keep it up.
What’s up, I wish for to subscribe for this web site to take latest updates, so where can i do it please help.
Excellent web site you have got here.. It’s difficult to find good
quality writing like yours nowadays. I seriously appreciate individuals like
you! Take care!!
Whether gambling is healthy for society or not, should not be the question you are
asking yourself. History has proven that people are going to gamble whether it is legal or not.
I was curious if you ever thought of changing the
structure of your website? Its very well written; I love what youve got to say.
But maybe you could a little more in the way of content so people could connect with it
better. Youve got an awful lot of text for only having 1 or 2 pictures.
Maybe you could space it out better?
May I simply just say what a comfort to uncover somebody who truly understands
what they’re discussing on the internet. You actually realize how to bring a problem to light and make it important.
A lot more people should read this and understand
this side of your story. I can’t believe you’re not more popular given that you definitely have the
gift.
I used to bbe suggestedd this blog by my cousin. I am
not posaitive whether this podt iss written thrpugh him aas nobody else reccognise such certain aplproximately
mmy difficulty. You’re amazing! Thank you!
Hurrah, that’s what I was looking for, what a information!
existing here at this website, thanks admin of this site.
She helped me with my homework. She was nice to all my friends. She always cheered me up.
Next year I will graduate from high school. I will go to college. I will do well in college. I will do well after college. My mom has taught me well.
My heart says yes but my mom says no.
Great article!
In terms of readiness, the Pandemic has brought forth a use case of “remote administration readiness” of IT Security Software. This is a challenge, and organisations may, or may not be ready. “Lockdown” is a new use case, and organisations suddenly have to be ready in terms of IT Security Software and Policies.
Also, employees may not connect into the organisation network, or use VPN at all times. This puts the organisation data at risk, and at the mercy of the home broadband.
I wonder what repercussions this has on the strict ODC policies. After all, who would have expected that an employee will not be able to visit the office premises!