Attackers thrive during times of uncertainty and there is plenty for them to target at the moment. The pandemic forced organisations to change working practices to adhere to work from home mandates, in some cases overnight.
The remote working hybrid model is likely to continue for the foreseeable future, with some organisations considering making this change permanent. This shift to a remote, distributed workforce has led to a higher volume of critical and confidential information being transmitted electronically. Security leaders must ensure that their strategies are in lockstep with business priorities and that they can effectively communicate the security programme to business asset owners.
Things to consider include controlling access to data, both at rest and in transit, and using endpoint protection on the devices that access corporate data. Organisations should scan devices and applications to confirm that the latest software versions are in use, as this reduces exposure to the vulnerabilities attackers typically target.
The ability to quickly spin up and connect modern assets to the corporate environment is critical to digital transformation and work from home initiatives.
Tenable.ep is the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change. Tenable.ep combines the company’s industry-leading products like Tenable.io Vulnerability Management, Tenable.io Web Application Scanning, Tenable.io Container Security and Lumin into one platform, enabling customers to see all their assets and vulnerabilities in a single dashboard alongside key threat, exploit and prioritisation metrics.
Moreover, Tenable.ep’s single, flexible asset-based licensing model frees organisations to dynamically allocate licenses across all asset types according to their unique attack surface and modify as their environment changes.
Organisations need to think through how any changes they make affect their threat landscape and introduce controls to limit or address the resulting risk. In tandem, focus must also be placed on securing accounts, including those of employees, service contractors, temporary workers, system accounts and others, together with their access to and permissions across systems.
Tenable’s research team analysed disclosed cyber breaches in 2020 and identified that, for the vast majority of incidents, known vulnerabilities remained the favourite attack methodology. Finding and patching critical vulnerabilities closes off the entry points that most threat actors look to exploit.
In 2020, pre-existing vulnerabilities in virtual private network (VPN) solutions were a favourite target for cybercriminals and nation-state groups. Organisations that have yet to prioritise patching these flaws are at extreme risk of being breached. Add in the dramatic workforce changes necessitated by the Covid-19 pandemic and it is clear that securing VPN solutions is critical.
Tenable’s cyber exposure management solutions enable organisations to take a holistic view of their infrastructure, from cloud environments to operational technology, from infrastructure to containers, and from remote workers to modern web apps. The aim is to identify the assets and systems that are critical to the business, determine which vulnerabilities in these core areas are being actively exploited, and update those systems to fix such flaws first.
Active Directory is used by 90% of Fortune 1000 organisations as their primary method for authentication and authorisation, according to Frost & Sullivan. Its ubiquity makes Active Directory a favoured attack vector for bad actors, who use its misconfigurations to move laterally across systems and escalate privileges. Tenable.ad enables organisations to see everything, predict what matters, and act to address risk in Active Directory to disrupt attack paths before attackers exploit them.
Recommendations for CISOs
• Certifications and training help staff remain up to date on the latest trends in security risk management. This can also improve staff retention, which reduces costs and improves organisational stability.
• When considering training, it is also important to consider the type of training and the provider.
• Investing in professional services at the start of a project to train staff to use advanced tools properly can ensure that costly technology is used effectively. Investing in a technology tool is important, but it is equally important to ensure that the tool is used well.
• Investing in services to provide a clear roadmap and training in the beginning can save many hours of frustration and failure later.
• Bespoke training, rather than general courses, may be particularly worthwhile if the service provider can work directly with an organisation’s tools or provide unique expertise on a new and advanced technology.
• Staff need good mentors. Bespoke professional services and training provide this critical support function.