In a hyper-connected, always-on world, both citizens and businesses must develop robust, multi-layered cybersecurity strategies to combat the flourishing cybercrime ecosystem.
By Michael de Neuilly-Rice, cyber security architect at NEC XON
These illicit markets have become more accessible, necessitating security strategies and tactics that reflect the increased prevalence of attacks.
Employing defence-in-depth methodologies alongside expanded defences into modern attack surfaces – including cloud-based systems, IoT devices, and mobile endpoints – is crucial. The rise of hybrid work models has expanded the attack surface, making it imperative to include mobile defence layers that address mobility and environmental changes. Perimeter defence alone is now obsolete.
With SaaS solutions being hosted, managed, and controlled by third parties, it is vital to control access to these applications from a network, session, and identity perspective. While modern authentication methods have enhanced identity security, they have also introduced new vulnerabilities. Reckless provisioning and granting of OAuth access without proper policies have created significant attack vectors for cloud resources.
Traditional VPN architectures are no longer sufficient to protect infrastructure from malicious access. Cloud-native Secure Access Service Edge (SASE) solutions offer robust security for both on-premises and cloud resources. These always-on zero trust access solutions protect all resources from any endpoint and location. When combined with secure browser technology, they mitigate popular malware delivery mechanisms and limit initial access vectors.
Consolidation is key when it comes to defensive tools. Extended Detection and Response (XDR) solutions integrate multiple detection, prevention, and response tools into a single platform, increasing Security Operations Center (SOC) efficiency. By ingesting data from various sources such as networks, endpoints, identity providers, and clouds, XDR platforms ensure effective correlation and analysis, transforming millions of events into actionable alerts.
As we transition from offices to airports and coffee shops, we need elastic, scalable, and robust cybersecurity measures to counter the risks of being true digital nomads. Threat actors are evolving and adapting their attacks to this new environment, where our offices are everywhere, and our data is spread across multiple locations and platforms. As the attack surface expands along with our work boundaries, cybersecurity is more critical than ever and will continue to evolve with modern technology.
Will you evolve with it, or be left behind with the other victims?