TAKING AN INTEGRATED APPROACH TO SECURITY TO IMPROVE CYBER-RESILIENCE
Cybersecurity is a priority for all organisations today , given the shift to remote and hybrid workforces , but many CISOs have an overwhelming stack of security products which they may not be getting the best out of . Nick Savvides , Director of Strategic Accounts for Asia-Pacific at Forcepoint , highlights how an integrated approach may be one solution for managing tool sprawl , as well as how Forcepoint is helping customers to navigate this new environment .
cCan you give us some insight into what the threat landscape looks like for organisations today ?
The threat landscape has continued to evolve . In 2021 – and into 2022 – most of the challenges that organisations face are related to users and their data , particularly because many organisations are still operating with a remote working environment . We ’ re moving from the response phase of remote working to the ‘ business as usual ’ phase . This means that tools , processes and technologies need to adapt .
Ransomware is also still likely to play a big role in certain industries , with a change of focus from corporate environments to critical infrastructure , manufacturing , healthcare and government settings .
Tell us about the impact of work from home policies , including on individual employees and the consequences for security ?
What was impossible from an IT or a cybersecurity perspective at the start of 2020 became possible by April . We made compromises in the way we dealt with security , such as policy changes that allowed remote access . Over the last 12 months , some of these changes have become more permanent . Organisations have rolled out improved VPN environments and made their applications more available through the cloud and adopted more cloud services to enable employees to work from home .
However , the ability to monitor employees ’ web access and block certain activities has become more difficult and there is no longer the social pressure of being in the office . The number of targeted attacks being sent to users via email channels are increasing because they ’ re expecting more information that way .
How complex is today ’ s environment given that many workforces are now hybrid ?
Pre-pandemic , we would optimise for the workplace . We had 80 % of employees
Don ’ t treat cybersecurity as a technology-only problem . It ’ s a business problem . in the office and 20 % remote . Then , as employees were sent to work from home , the bulk of the workforce became remote and organisations adopted a separate security stack for remote people .
Now we ’ re working in a scenario where workforces are hybrid , which means managing two separate large environments . If you don ’ t have the same level of efficacy across both , then that ’ s where the attacker is going to go . If you don ’ t have the same level of visibility , that ’ s where problems are going to manifest .
In a hybrid world , you need to be able to operate in a way that provides universal control , visibility and , importantly , efficacy across both environments .
What does your data show about the steps that companies and employees have taken to protect against the risks of hybrid work environments ?
Some organisations were well prepared for the transition because they were already on a transformation journey . They wanted to be more agile and productive , with employees empowered by technology . Organisations that weren ’ t prepared were the ones that struggled most . Those who thought that Digital
78 www . intelligentciso . com