From an interaction with Edgar Dias Managing Director India & SAARC, F5 networks.
What are the Cybersecurity trends that are shaping today’s security model?
Digital transformation is completely reshaping the way organizations do business, and apps are at the core of this. By using app services on the multi-cloud environment, organizations can pursue new business models, innovate their offering, and enhance the customer experience to drive business growth and revenue. According to the recent APAC 2020 F5 State of application report, 98% of organizations depend on the application to run their business.
As apps are the doorways to company’s data and IT systems, they are at the top of a hacker’s hit list. Today, cybercrime tools have become commoditized and easily available, resulting in a corresponding rise in the number and types of attacks. At the same time, targeted attacks, such as those from organized crime, are becoming more sophisticated – leading to negative business impacts such as application downtime, compromised sensitive data, and fraudulent transactions.
Two key cybersecurity trends that are shaping today’s security models in 2020.
- Application visibility : With enterprises relying on modern application architectures to deliver digital experiences to their customers, deploying and managing services across multiple environments and locations on a secure infrastructure is often a challenge. The digital shift has broadened the application footprint (consider different and expanding form factors like web, mobile, APIs, microservices, bots). According to the latest F5 State of Application Services Report, Asia Pacific edition, 90 % of Indan organization are digitally transformed. However, modern application architectures are diverse and extend across hybrid and multi-cloud environments, with each app service carrying a potential for compromised and increased exposure. Hence the need to protect app service has become increasingly vital as the attacks are more at the app layer, and with a wider sprawl of applications deployed across different environments, visibility is the key. Applications that are not visible in a different environment cannot be protected. Hence, data collection from multiple endpoints and correlating the same to make sense of the threats, are both facing a challenge and an opportunity.
- Securing your API : API use has been transformative, enabling new business models and revenue streams. Implemented without adequate guardrails, however, APIs also have the potential to disrupt and put businesses at risk.
Zero Trust a niche trend or the mainstream security model of the future?
With the rise of sophisticated attacks, new security measures need to be adopted to restrict them from spreading laterally once a hacker gains access to a system. Traditional security models were meant to keep known perimeter threats out, while threats that get through are left invisible, un-inspected and free to morph and move wherever they choose to successfully extract sensitive, valuable business data. Zero Trust, rooted in the principle of “never trust, always verify,” is designed to address lateral threat movement within the network by leveraging micro-segmentation and granular perimeters enforcement, based on user, data and location. CISOs and other corporate executives are increasingly implementing Zero Trust strategy to support their move into the mainstream security model, as the pressure to protect enterprise systems and data grows significantly, and as attacks become more sophisticated.
How is the BYOD work culture impacting Cybersecurity?
As businesses embrace digital transformation and new ways of working, keeping sensitive information safe is a growing challenge for employers. Bring Your Own Device (BYOD) phenomenon continues to cause big problems for organizations across the board and this is even more challenging with the current remote working environment. Despite the heightened awareness of security risks, many organizations still lack a sense of urgency in addressing issues around their mobile security strategies.
As more employees use personal devices in the workplace, enterprise IT has had to make tough choices: support BYOD initiatives despite having limited security controls, impose complete control over employees’ devices using MDM solutions, or reject BYOD initiatives altogether. Enterprises need to invest in technologies that enable IT to make intelligent BYOD choices that benefit both the company and employees; it gives IT the control and flexibility it needs to protect corporate resources without restricting an employee’s use of the device or infringing on their privacy.
The key impact of BYOD work culture to cybersecurity are: –
Data Leakage: – With the current flexibility of modern workplaces and increased usage of mobile devices, the points from which data can leak are increasing. Data leakage takes place when employees can access corporate data.
Expose vulnerabilities: – If employees download unvalidated, unsecure applications and connect to public Wi-Fi spots without enough protection measures, it can result in serious security loopholes. Furthermore, if employees disregard directions to install the latest security updates on their mobile devices, the chances of attackers getting a hold of their stored data are high.
As such, any bring your own device policy should require employees to install validated security app services on their devices.
With Corona Virus pandemic ushering in an unprecedented remote working model, how are you combating the increase in security threats?
COVID-19 has disrupted daily life across all continents. It has led to work from home policy worldwide, including F5. Organizations today need a secure model to provide users remote access to their network and all of its resources. Attackers are now utilizing the pandemic as a way to try to blackmail organizations and extract money for critical exposed data.
During this time of crisis, customers are leveraging F5’s BIG-IP Access Policy Management solution to ensure that their teams can remain secure and work productively from home. Besides, it also enables our customers to get full access to any approved application from a single web page upon authorization and authentication, regardless of where the application resides.
How is the pandemic changing the face of security in India?
According to a report released by F5 Labs 2019 Application Protection Report, Phishing continues to be a major source of profit for cyber-criminals, and a big hassle for cyber-defenders In a pandemic of this scale, with cases of coronavirus reported in more than 150 countries -our dependence on digital communication increases tenfold. Today threat actors are sending phishing and BEC emails disguised as government announcements. Fraudulent emails have included logos and other imagery associated with the Centers for Disease Control (CDC) and the World Health Organization (WHO)
E-mails include links to items of interest, such as “updated cases of the coronavirus near you.” Landing pages for these false links may look legitimate, but the sites are often malicious and may be designed to steal email credentials.COVID-19 pandemic requires changing our social habits and routines to impede infection rates, a change in our online behavior can help maintain high levels of cybersecurity.
What information security strategies do you see coming to the forefront in the current scenario?
The COVID-19 crisis has changed the lives of people in unprecedented ways. With travel bans, lockdowns, and imposed quarantines, It is certainly not business as normal. Companies are actively reviewing their efforts to gauge the right levels of support for their people and to ensure business continuity. It is about reimagining business and collaboration models. Leaders need to be ‘human-first’ and think about employees, customers, partners, and the community.
Organizations need to respond quickly to unprecedented changes in work schedules, remote access to applications, and a spike in networking and data demands. Any of these can result in sluggish application health and performance due to over-taxed resources.
In a traditional remote access configuration, all traffic flows through the remote access service. In the case of SaaS, this means app traffic bound for a cloud destination is routed through the remote access service. With F5 BIG-IP Local Traffic Manager (LTM) that stands in front of your web applications, an organization that is leveraging it can inspect, manage, and report on application traffic entering and exiting your network. It also optimizes the speed and reliability of your applications via both network and application layers.
What are the new trends in cyber threats that you are facing amid the COVID 19 pandemic? How are you tackling those?
Many cybercriminals are seeking to exploit our thirst for information as a vector for attack. Most commonly, as with other high-profile events, attackers are using COVID-19-themed phishing e-mails, which purport to deliver official information on the virus, to lure individuals to click malicious links that download Remote Administration Tools (RATs) on their devices.
Attackers are also taking advantage of the fact that many people who are working from home have not applied the same security on their networks that would be in place in a corporate environment, or that enterprises haven’t deployed the right technologies or corporate security policies to ensure that all corporate-owned or corporate-managed devices have the same security protections, regardless of whether they’re connected to an enterprise network or an open home Wi-Fi network.
In this critical time, business leaders have a heightened responsibility to set clear expectations about how their organizations are managing security risks in the new work environments, leveraging new policies and technologies and empowering their employees.
Understand the threats to your organization. The business should work with their security teams to identify likely attack vectors as a result of more employees working from home and prioritize the protection of their most sensitive information and business-critical applications.
Provide clear guidance and encourage communication. They must remind their employees to stay vigilant against cybercrimes and ensure that home-working policies are clear and include easy-to-follow steps that empower employees to make their home-working environment secure. This should include instructing employees to communicate with internal security teams about any suspicious activities.
What would your advice be to other CIOs/CISOs in these tiring times?
While cybersecurity has been at the center stage for digital organizations for the last few years, now with the majority of the workforce adapting to a work from a home model, organizations are having to re-think elements of their approach to security for a truly borderless organization. There is a huge amount of global uncertainty and change right now which criminals are seeking to capitalize on. The risks are amplified by the immediate and unforeseen IT challenges that companies are having to ensure of providing access to confidential data to staff who work from home. Two areas are most likely to result in a cybersecurity incident due to the ongoing crisis: remote access and phishing.
In the current situation, I would suggest CIOs / CISOs evaluate their business continuity plans and ensure there is enough capacity to accommodate remote access and application availability without compromising on security. This means revisiting decisions on access rights, IT capacity, and risk posture.
