
Beyond the Obvious: Overlooked technology considerations in cybersecurity


Nowhere does the theory that the “whole is greater than the sum of all its parts” ring truer than in the current security landscape.

Despite unprecedented spending on security solutions, from Secure Web Gateways (SWGs) and multifactor authentication (MFA) solutions to anti-virus software, wily attackers continue to slip past defenses and assault valuable assets as organizations adapt to their own rapid digital transformations. In 2021, security vendors raked in just under $20 billion, a 12% compound annual growth rate (CAGR) from 2017. But organizations racked up considerable monetary losses as a result of security incidents that same year: around $8 billion, a 49% CAGR from 2017. While organizations are spending more, they also seem to be losing more.

Now that remote work has become cemented on the business landscape and digital nomads abound, security woes have become similarly entrenched. More employees with widely varying needs, working from far-flung locales and taking different, sometimes unusual paths into corporate computing environments, increase risk and create headaches for IT security.

In the rush to the cloud during the unprecedented disruption of the last three years, security clearly was an afterthought for many organizations. But not so for threat actors, who continue to take advantage of the opportunities created by the rapid shift to the cloud and deliver ransomware using Highly Evasive Adaptive Threat (HEAT) techniques.

Despite bumping up security spend, losses abound

For those enterprises and agencies whose security spend has increased and who believed themselves relatively safe even as threats mount, the numbers are sobering—and dismaying. More than 50 percent of HEAT attacks come from categorized websites and a whopping 73 percent of Legacy URL Reputation Evasion (LURE) attacks come from categorized websites, according to research from the Menlo Labs team. Additionally, 42 percent of malware is delivered in archive file formats that some security technologies don’t inspect.

That’s not to say that security solutions writ large fail. They don’t. Every organization needs the essential “ingredients” for building a layered security scheme (many of which can be found in the Secure Access Service Edge (SASE) framework), including cloud-based security technology to secure access to business-critical applications and data without increasing friction for users. Some of this technology includes Zero Trust Network Access (ZTNA) solutions, which provide secure and seamless access to web applications, as well as Secure Web Gateways (SWG), whose policies block designated file types and protect and manage applications stored in the cloud.

Security without disruption

Being secure is much more than the sum of those security technology parts. Organizations must think holistically about the level of security that’s being offered and how to accommodate the growing needs of a global workplace by providing robust security no matter where in the world workers are located. That security must seamlessly overcome performance limitations while at the same time offering adaptive routing options, without disrupting operations or compromising the productivity of workers. These adaptive routing options provide a greater level of control over traffic, which helps organizations meet performance and compliance requirements.

That last point is particularly important because clunky security methods can impair productivity, making security a harder sell for adoption across a business. Frustrated users often look for work-arounds or disable security measures completely if they can’t get to the information, apps or other assets critical to doing their jobs effectively. And the popular public cloud, despite all of its virtues, including infinite computing and storage capabilities, may lead to browsing performance limitations caused by shared IP spaces.

No matter how tempting, a heavy-handed approach to browser-based security—a block now, think later approach, if you will—ultimately does not solve security problems. Having to complete more than one CAPTCHA, for instance, is likely to send workers straight to IT to ask for an exception or compel them to turn off security settings on their machines. Instead, companies should be moving away from that model to offer a seamless approach to security where users can just go about doing their business while security takes care of itself in the background. This means focusing on ensuring global availability and a seamless end user experience as well as making the browsing experience more transparent. Organizations keen on meeting the needs of a global workforce and preventing evasive web threats without compromising productivity should think beyond the most obvious security technology to underpin their security strategies.

Consider what’s commonly overlooked

A number of technology considerations that can be essential to security often fly under the radar and do not get the attention they deserve. Organizations that want to add more depth and reach to their security strategies should consider the following when it comes time to decide on the next solution in their security stack:

Go for speed and reach.

Fast, secure Internet connectivity can support a large geographical presence, essential to every company or agency with remote workers located around the globe. Open access to the Internet coupled with isolation technology can keep workers safe against malware and HEAT attacks while giving them the speed and access needed to do their jobs.

Make it personal.

Forget shoehorning traffic into a one-size-fits-all approach. With personalized control of traffic, organizations can better control how their traffic looks and address use cases and shifting needs.

Get specific about routing traffic.

Flexible geo-specific routing optimizes traffic flow and lets organizations exert more control over how their traffic is geographically routed.

Go big with prevention.

Prevention at scale through web isolation ensures user productivity by providing open access to the internet while guarding users against all internet malware and HEAT attacks. This approach can ensure enhanced performance across web, email, SaaS applications as well as private applications.

Clear the path for users.

Low latency, high connectivity and flexible traffic routing are necessary to a seamless end user experience. A dedicated address space can give organizations more control over performance, which translates into a better user experience.

Ease friction.

Again, friction brought about by security measures can prompt users to work around them or overload IT support. With global availability in mind, organizations should prioritize strong failure management so end users are less likely to feel the impact of security.

Be consistent.

It’s not good enough to simply have different regions on the map. Organizations should seek consistent security capabilities at every point—not just global coverage, but secure and seamless coverage at each point.

Those overlooked technology considerations coupled with more traditional security technologies can bolster the layered strategy organizations need not only to detect, prevent and remediate threats but also to provide consistent, unobtrusive security to employees at every point around the globe.

The post Beyond the Obvious: Overlooked technology considerations in cybersecurity appeared first on Menlo Security.

*** This is a Security Bloggers Network syndicated blog from Menlo Security authored by Negin Aminian. Read the original post at: https://www.menlosecurity.com/blog/beyond-the-obvious-overlooked-technology-considerations-in-cybersecurity/
