Mitigating security risks as a hybrid organization | Techno Glob

The pandemic has accelerated its transition to the hybrid work world. As most organizations today are hybrid, workforces are more spread out than ever before, more data is hosted and transferred to the cloud, and security risks are at an all-time high. Illumio CTO and Co-Founder, PJ Kirner, reveals how business leaders can incorporate zero trust strategies into hybrid work and flexibility plans.

The way we work has fundamentally changed over the past few years, and workplace and business leaders must now determine what protocols to put in place in their organizations to make teams most successful. In particular, the hybrid work model is quickly becoming the norm for many office workers. According to a recent AT&T survey, 81% Business leaders expect hybrid work to be the primary workplace model by 2024, up from 42% in 2021.

This increased adoption of hybrid work comes at a time when the threat landscape is expanding – as organizations continue to accelerate cloud adoption (which creates more complexity and distance in cloud environments) and more devices are connected to the Internet, often out of necessity. Network visibility for devices in the home.

With attacks on the rise (in the past two years, 76% of organizations have been attacked by ransomware and 66% have experienced at least one software supply chain attack), every hybrid strategy must have a cybersecurity component. What business leaders need to keep in mind as they adapt their future work plans to secure a hybrid workforce, increase organizational resilience, and ensure business continuity in the face of today’s dynamic threat landscape.

Adopt zero trust and assume breach

Zero Trust is a cybersecurity strategy that makes organizations more resilient to these attacks. Forrester writes, “zero trust is an information security model that denies access to applications and data by default” – in other words, it undermines inherent trust.

Presumption of breach of zero trust. However, despite zero trust being a best practice, many security leaders don’t believe their organization is at risk. According to research by ESG, more than a third of respondents have been victims of a successful ransomware attack and 90% listed zero trust as a top security priority for the year, with almost half of security leaders not believing it will be breached.

Today, there are breaches tied up Happening There are many ways bad actors can exploit to gain access to an organization, many blind spots and many unknown insiders who can inadvertently put their organization at risk – especially in the hybrid world of work. For example, consider all the remote workers using their local coffee shop Wi-Fi to work or take business calls or work from the hotel down the street — they’re connecting to an unsecured wireless network, and that network could be a vector for an attack.

What’s more, today’s hyperconnectivity adds more risk to the equation as software supply chains grow. Today’s modern organization This must be done Assume a violation. Additionally, with the attack surface widening, organizations must change their security approach to focus on security systems inside out Gone are the days when organizations could rely heavily on perimeter security to focus solely on keeping bad actors outside the perimeter walls—hybrid operations are another thing that reduces the effectiveness of perimeter controls.

Putting Zero Trust into practice

When it comes to advancing or accelerating your Zero Trust journey, the best strategies start with visibility – understanding your entire hybrid environment. You need to be able to accurately understand workloads, applications and communications between endpoint devices (i.e. laptops) across a distributed IT estate, at home, hotel or office, and respond to threats and accurately identify risks.

From there, prioritize. Organizations should focus on reducing their most high-value or risky assets first. Then, you can decide which security controls are best suited to meet your unique operational and environmental needs. Even if you feel the need to jump on the zero trust bandwagon, it’s more important to take the time and analyze your current business situation and future scope before jumping on board. Your high-risk assets need a stronger security posture, but so does the rest of your organization and each of its processes. It’s wiser to take a step back, plan well, and then invest in scalable security that meets your current and projected needs.

make progress now

According to ESG Research, 39% of all security spending over the next 12 months has been earmarked for advancing zero trust initiatives – a key priority for most organizations. In light of this, my biggest piece of advice is to start now. It may be tempting to wait to create the “perfect” plan on paper before making tangible progress, but we’re no safer until we implement security controls. So, make incremental progress as soon as possible.

As hybrid work becomes the norm, so will the risk associated with it – now is the time to mitigate risk and build resilience to attacks. The key to smarter, more efficient, and effective security in our hybrid environment is embracing technology offerings like Zero Trust that enable protection for systems, processes, and resources across the organization. Are you ready to make progress on your smart security path?

How are you building a more resilient organization with Zero Trust? Share with us Facebook, TwitterAnd LinkedIn.

More about hybrid work:

Image source: Shutterstock

Source link