Remote work will provide abundant opportunities for cybercriminals, says a Juniper Networks study
With the significant rise in remote work due to the on-going pandemic, businesses in India are challenged with finding new ways to leverage IT to deliver a successful work-from-home operating model, while ensuring reliable and secure connectivity. “The 2020 pandemic exposed gaps in network security postures that no one could have foreseen,” says Laurence Pitt, global security strategy director, Juniper Networks. “Unsecured home networks, use of BYOD (bring-your-own-device) and siloed operations made previously visible threats on corporate networks invisible, hidden on home networks.”
The net result: Cybercriminals took advantage of this expanded attack surface to launch phishing, vishing and ransomware attacks. In a recent survey of a thousand CIOs and CISOs across nine countries conducted on Juniper’s behalf , 73% stated that “In light of the recent pandemic, my organisation’s network and security has sometimes struggled in terms of the added business demands that have been placed upon them.”
With that sobering statistic in mind, life won’t return to “normal” anytime soon, and the need for employees to work remotely will remain, says Pitt. “Organisations need to pause and rethink how they approach security to support this new paradigm with a focus on increased visibility and faster response. Otherwise, cybercrime will continue to evolve and take advantage of remote working as the easiest point of entry into their network.
Security budgets to suffer in 2021
According to Pitt, cybersecurity has been one area where investment and budget growth are constant. The security team has positioned successfully with insights and future trends, and the business sees strength in security as both a regulatory need and a competitive advantage. “However, in 2020 we saw a change: investment had to be brought forward to support remote working, and a rapid move into cloud-based software services, all driven by the pandemic. Now, 2021 may see reduced spending on security, and an increased need to demonstrate fast value from previous security investments.”
As per the Juniper survey, 70% stated that “The pandemic may limit and restrict my organisation’s future planned spending on network security.” To prepare for this possible outcome, security teams need to think differently and leverage existing solutions more effectively, or deploy changes such as connecting to a secure DNS service, which would only carry minimal implementation costs.
Availability and accessibility puts data at risk
Pitt says, “With more employees requiring access to more information, from more places, at all times, we’re likely to see a spike in data breaches and exposures in 2021.” Too often, the business need to provide data is prioritised over safeguarding information and restricting data access, meaning more databases of information are available for malicious actors to potentially access and exfiltrate. “Combined with the adoption of 5G, which enables both attacks and data theft to happen faster and more discretely, it is likely that 2021 will suffer from growth in data theft,” he adds.
To reduce the risk, he said that organisations need to consider basic security best practice before making any access changes to business data:
Make sure that passwords are complex and regularly updated
Ensure that role-based access is implemented to restrict and control overall access
Heavily encrypt data, both at rest and in motion.
Rohit Sawhney, systems engineering manager, Juniper Networks India, says, “To enable a robust remote workforce, organisations will require the agility to adopt new technology. Building new IT infrastructure on top of legacy systems within data centres is no longer the solution. In this era, cloud will lead the way. As such, it is paramount that security remains at the core of this new technology adoption amidst a new wave of remote workers.”