By Alvin Rodrigues, Field Chief Security Officer, Infoblox
Flexible work arrangements have come to be the norm in many workplaces in the post-pandemic era. Some job seekers in Singapore even turn down opportunities that do not allow for remote work. At the same time, some companies have adopted remote work arrangements permanently.
While employees may be celebrating the liberty to log in to work from anywhere, having workers access corporate networks from outside the office poses a new set of challenges for company IT teams.
Most importantly, remote work has increased the vulnerability of corporate networks, making them more prone to cyberattacks. With larger attack surfaces, heavy reliance on cloud computing, and a lack of cyber hygiene, IT teams are in a race against time to find a solution to protect themselves before bad actors infiltrate their networks.
Data in Distress
Security used to follow the corporate network's on-premises boundaries. However, with today’s hybrid work situation, companies must extend their security defences far beyond their office spaces.
Accessing the corporate database from an unsecured home network does more harm than one might think, all the more so when it is done from non-enterprise-grade home devices, such as personal computers with little to no cybersecurity protection. For companies, the more attack surfaces are exposed, the higher the chances of a cyberattack.
Data is the core of a company’s operations. The implications of a cyber-attack on the corporate database are hard-hitting – downtime in operations, reputational damage, and heavy financial costs. Despite these consequences, there is still a lack of cyber hygiene among many workers.
In Singapore, a recent report by the Cyber Security Agency (CSA) revealed that phishing scams and ransomware attacks topped the list of the most commonly reported cybercrimes against organisations and individuals. In the first half of 2022 alone, Singaporeans fell prey to almost 2,300 reported phishing scams, almost a 50 percent jump from the same period in 2021. Small and medium enterprises make up most of the organisations targeted by ransomware attacks, signalling a need for these organisations to improve their network security.
Zero is the Hero
Many company IT teams are adopting a zero-trust architecture when designing their data flow and network. A zero-trust framework posits that no data traffic can be trusted. Under this framework, all data is subjected to restriction, reauthentication, and validation at every point. Nothing gets past unnoticed, and all activity is verified and screened. With zero-trust, companies can safeguard every software or device that gets connected to the network.
Zero-trust maximises the level of security at every checkpoint, enabling companies to monitor every movement across their networks. By changing the trust model, companies can enhance their network security and make it easier to build and maintain, while limiting the implications of an attack through mitigation and early detection. In doing so, they lower the chances of financial losses and of having to rebuild their network systems because of scams or a malware attack.
Zero Trust is a Must
The pandemic spurred organisations to adopt the zero-trust framework, but current geopolitical tensions are accelerating this, as existing systems can no longer protect the network from these complex attacks. Singapore’s Minister of Communications and Information Josephine Teo recently reiterated the urgent need to adopt the zero-trust framework, highlighting how it not only defends systems but also builds resiliency against potential attacks. However, transitioning from traditional architecture will take time.
When it comes to zero-trust, modern DDI (DNS, DHCP and IP address management) systems play a foundational role by granting security teams the highest form of visibility. DDI is unique in that it can correlate network activities to the responsible device, which enables organisations to pinpoint where threats are originating. In addition, more than 90 percent of threats touch DNS, the first D in DDI, when entering or leaving the network, which makes DNS security an excellent tool for accelerating the security team's threat hunting capabilities.
Today, companies need to focus on improving their team’s threat hunting capabilities. Through this, companies can facilitate remote working without adding strain to their cybersecurity systems, as threats can be detected much earlier.
For instance, when DNS security detects and blocks a user request to access a malicious site, it can automatically trigger the network access control system to quarantine that user into a sandbox. This allows the incident to be analysed or investigated safely, dramatically reducing the effort and time needed to track down and isolate infected devices.
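The correlation and quarantine step described above, sketched as an added example (not Infoblox code and not part of the original article): blocked DNS queries are matched against DHCP lease history so the action lands on the device that held the IP address at query time, not on whoever holds it now. The record layouts, addresses, domain names and the `quarantine` VLAN label are constructed assumptions.

```python
from datetime import datetime

# Constructed sample data; the record layouts are assumptions, not a vendor format.
DHCP_LEASES = [  # (ip, mac, hostname, lease_start, lease_end)
    ("10.0.8.21", "aa:bb:cc:00:00:01", "laptop-finance-07", "2024-05-01T08:00:00", "2024-05-01T12:00:00"),
    ("10.0.8.21", "aa:bb:cc:00:00:02", "tablet-guest-03", "2024-05-01T12:05:00", "2024-05-01T18:00:00"),
    ("10.0.8.40", "aa:bb:cc:00:00:03", "desktop-hr-02", "2024-05-01T07:30:00", "2024-05-01T19:30:00"),
]
DNS_EVENTS = [  # (timestamp, client_ip, queried_name, action)
    ("2024-05-01T09:14:10", "10.0.8.21", "updates.example.com", "ALLOW"),
    ("2024-05-01T13:02:44", "10.0.8.21", "c2.malicious.example", "BLOCK"),
    ("2024-05-01T13:03:01", "10.0.8.21", "c2.malicious.example", "BLOCK"),
    ("2024-05-01T20:00:00", "10.0.8.40", "c2.malicious.example", "BLOCK"),
]

def device_for(ip, when, leases=DHCP_LEASES):
    """Return (mac, hostname) of the device that held `ip` at time `when`, else None."""
    for lease_ip, mac, host, start, end in leases:
        if lease_ip == ip and datetime.fromisoformat(start) <= when <= datetime.fromisoformat(end):
            return mac, host
    return None

def quarantine_plan(events=DNS_EVENTS, leases=DHCP_LEASES):
    """Map blocked DNS queries to devices; return (per-device actions, unattributed events)."""
    plan, unattributed = {}, []
    for ts, ip, qname, action in events:
        if action != "BLOCK":
            continue
        device = device_for(ip, datetime.fromisoformat(ts), leases)
        if device is None:
            # No lease covers this query time: do not quarantine whoever holds the IP now.
            unattributed.append((ts, ip, qname))
            continue
        mac, host = device
        # Key the action on the MAC so it follows the device across IP changes.
        entry = plan.setdefault(mac, {"hostname": host, "vlan": "quarantine", "evidence": []})
        entry["evidence"].append((ts, qname))
    return plan, unattributed

if __name__ == "__main__":
    plan, unattributed = quarantine_plan()
    for mac, entry in plan.items():
        print(mac, entry["hostname"], "->", entry["vlan"], entry["evidence"])
    print("needs manual review:", unattributed)
```

In the sample data the address 10.0.8.21 changes hands at midday, so only the afternoon lease holder is quarantined, and the block seen after the 10.0.8.40 lease expired is held for manual review.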
Zero-trust is the hero for today’s security systems, offering preventive measures for cyber-attacks. It helps organisations tighten their defences and improve visibility across all checkpoints, making it possible for companies to have far-reaching setups that are still connected to a safeguarded network.