As we dive into 2021, cyber security issues continue to grow in complexity and frequency. The new era of the hybrid worker is exposing more vulnerabilities in the enterprise operation.
With change comes opportunity as well as vulnerability, so to ensure our customers have the appropriate cyber security controls in place to transform with confidence, Logicalis have prepared a short overview on what the essentials are to look out for to keep you covered.
But first, let’s start with what the market is saying about the security landscape and what’s going to cause the biggest problems for CISO’s this year.
What are the essentials to focus on in 2021?
TechHQ, Forbes, Security 7 and several other global thought leaders are predicting the following themes to emerge in 2021:
- Remote workers will be a prime target
- Security budgets will be cut, putting more stress on CIO's and IT roles
- Financial organisations will fall prey to cyber predators
- The rush to cloud will see many loopholes not dealt with, exposing risks to organisations
- Ransomware will remain
- 5G may bring it's own set of problems
- Detection as a preventative, protection as a cure
With potential threats coming from every angle, it’s hard to know which are the most important gaps to address. TDL recommend taking a risk based assessment of fundamental controls that enable you to maintain confidence in your security posture whilst balancing function and cost. In making security as simple as possible for our customers, we have aligned our security pillars to the key building blocks of an IT strategy.
Recommendations for security essentials
So what are the things that are a must do to provide optimal coverage?
Ensuring the tools, systems and practices to maintain a secure operating environment.
At a minimum you should be covering:
Cyber awareness training for staff
With email filters having an average 7-10% failure rate, on-demand interactive security awareness training will help manage the ongoing problem of social engineering to create a strong, human firewall as your last line of defence.
Penetration and vulnerability testing
Infrastructure penetration testing identifies and verifies the exploitable vulnerabilities in your systems. Intelligence is gathered about your organization to gain unauthorized access. We report back on this for remediation.
With a dispersed workforce securing the identity of your workforce is key to securing your sensitive information.
The key focus areas are:
Multifactor authentication (MFA)
Passwords are an important first line of defence, but as with any defensive posture they work best with additional measures in place. MFA is one of the simplest and most effective methods to improve your security posture.
Identifying what to trust is difficult and time consuming. Taking the default position of trusting no one and selectively authorising access provides the certainty you need to work anywhere any time.
With the rise of remote working, securing the endpoint has become more important than ever. Ensuring applications are updated and policies are enforced gives trust in the tools we use.
You need to consider:
Device and application patching
Patching is in the top four of all security protocols for a reason. Unfortunately not many business have budget for a FTE to push out patches. This can be overcome with a custom TDL patching solution.
End Point security software - installed across fleet
The endpoint has changed, the days of sitting at a desk are over. Implementing a solution that protects the endpoint, be that a mobile device or laptop is key to a secure environment.
TDL recommend a cloud-native endpoint protection such as Carbon Black to reduce the attack surface and strengthen security posture.
So where do you get started?
With a number of frameworks and recommendations out there, it’s easy to be blinded by the level of information. TDL recommend choosing one that can provide holistic coverage across the most vulnerable areas and establish physical, administrative and technical controls which can scale and adapt to changing conditions and threats over time (e.g. zero trust architectures).
The struggle with managing cyber security risks is real and complex but our Security essentials can set you on a path to confidence. We combine best-in-class technologies with a proven methodology so you can securely scale your organisation and achieve your business goals.
Contact Naveen Shettar (email@example.com) for more information.