As hackers leverage advanced technology to circumvent traditional firewalls, organizations need to up their security ante to keep their data secure, writes Prajit Nair, Director Sales- End User Computing, VMware India.
“The current situation is ushering in a new world of remote working models which were so far being used partially but are now becoming the new norm. This norm will lead to information security solutions being deployed not just within the corporate boundaries but also individual homes, thereby extending the boundaries of the organization.”Prajit Nair, Director Sales- End User Computing, VMware India
What are the cybersecurity trends that you are witnessing in the market today?
The rapid pace of technology evolution has also led to increasingly sophisticated security threats. As hackers leverage advanced technology to circumvent traditional firewalls, organizations need to up their security ante to keep their data secure. In addition to the deployment of traditional perimeter defence, some of the newer cybersecurity trends include datacentre and apps micro-segmentation, identity authentication and validation, role based access controls to apps and data, “Zero Trust” security architectures for users and devices &intelligence driven advanced EDR solutions. Many organizations have implemented discrete security solutions for different aspects of their infrastructure and operations. Given the vastly evolved threat and risk landscape, managing a siloed security infrastructure can prove to be time and effort intensive and ultimately not quite successful. Intrinsic security strategies that protect the infrastructure from the data center to the endpoint are the way forward.
How will the Corona Virus pandemic and the rushed remote working model, change the face of security?
The current situation is ushering in a new world of remote working models which were so far being used partially but are now becoming the new norm. This norm will lead to information security solutions being deployed not just within the corporate boundaries but also individual homes, thereby extending the boundaries of the organization. Phishing remains one of the most common and effective means for an attacker to gain initial access to their victims’ environments. Businesses need to stay ahead of cyber criminals to ensure they remain protected. The need to keep data secure is more urgent than ever. With such an imposing array of threats from both inside and outside, IT leaders might be led to deploy a patchwork of different security solutions to address each threat. A “zero-trust” approach must be applied to all endpoint devices, including desktops, laptops, tablets, and smart phones. Although mobility is an important productivity enabler, mobile devices are susceptible to misuse if not protected with strong authentication, validation and role based access to apps and data. In the current pandemic led remote working models this is of critical importance as a mere VPN cannot ensure enterprise security if the home network and device are unprotected. The home device / network can prove to be a gateway to the enterprise for cyber criminals.
A highly recommended approach is to implement unified endpoint management, which can help ensure access to all resources from a broad variety of end-user and IoT devices across global networks. Only by deploying a full array of security technologies designed to work together in an integrated framework, can an organization embark on the journey of digital business with confidence.
What are the new modes of attacks that hackers are shifting to amid the pandemic?
According to a report released by VMware’s acquired security firm Carbon Black, more than 50% of recent cyber-attacks happened due to Island Hopping. Island hopping is a term used to describe the process of undermining a company’s cyber defenses by going after its vulnerable partner network, rather than launching a direct attack.
Infiltrating the smaller and often less secure partner firms allows attackers to gain a foothold in a connected network, and then exploit the relationship between the two companies to gain access to the bigger target’s valuable data.
At present, there are three main forms that island hopping takes, although new forms may manifestthemselves in the future:
“Network-based island hopping” is the most well-known variant, where an attacker leverages a victim’s network to hop’ onto an affiliate network. Attacks on managed service providers(MSPs) are an example of this, where cyber criminals have been exploiting weak account credentials to access systems installed by MSPs to launch ransomware attacks.
“Websites converted into watering holes” is another growing island hopping method. Hackers insert malware into a smaller company website often frequented by a large organisation for e.g the favourite food ordering/supplying partners website or a partner organization website which the large organization employees access. This malware then infects individuals of large organization coming to use that site. Attackers are then able to use that information to get access to the target large organisation.
Reverse Business Email Compromise (BEC) is a new trend, which has been seen in the financial sector. Hackers take over the email server of the victim company and uses email to send malware attacks to a target company from the trusted recipient.
Organizations are vulnerable to island hopping because it only takes one weak link in the chain of companies they depend on to open up systems to an attack.
What is your portfolio of products and solutions offered for a secure remote working model?
Unplanned situations and travel restrictions make it nearly impossible to continue “business as usual.” To ensure that one can continue operations normally, organizations need to enable their employees to work remotely while maintainingthe same level of productivity, connectivity, and provide for continuous, secure access to applications across endpoints.
VMware is well equipped to enable remote workers with flexible device choice and deliver business-critical virtual desktops (VDI) and applications to any corporate-owned or BYO device. We can deliver cost effective solutions like Remote PC which enables corporates to connect their users home PCs/laptops to their corporate physical PCs securely.
Companies can also deploy Workspace ONE to enable remote employees to connect throughtheir personal device and empower them with everything they need to be productive. Through the Workspace ONE Hub, employees get immediate access to an entire set of business applications, network share and folders with seamless SSO to all cloud and data center apps, including Horizon virtual desktops and applications as needed based on job functions.
With VMware’s Horizon 7 and Horizon Cloud, IT teams can quickly provision virtual desktops and applications across on-premises, hybrid and multi-cloud environments to enable remote workforce to securely access Windows resources from anywhere. We can enable our Horizon cloud in partnership with providers like Microsoft Azure, VMC (VMware cloud on AWS) and other cloud providers. Our field teams can guide our customers toscale physical or cloud capacity to meet their growing demands in current times.
We also offer VeloCloud, which enables remote connectivity, bandwidth and priority. Customers can also accelerate their business application performance through VMware SD-WAN by VeloCloud for both branch and at home users, delivering simple, reliable, better secured, and optimized access to traditional and cloud applications.
Another offering is Carbon Black- a cloud security EDR (Endpoint detection and Response) platformthat delivers the entire protective suite of harden, prevent, detect, and respond for endpoints and workloads spread across the globe.
As organizations of all types shift to work from home—government, healthcare, financial services, customer support, and others—they need to enable employee access to the specific desktop and application configurations necessary to perform their roles remotely.
What role is AI playing in devising a cybersecurity model?
Solutions like Workspace One along with the Carbon Black integration playa major role in leveraging AI to deliver cutting edge security. VMware’s Workspace One Intelligence platform offers enterprises complete visibility into their digital workspace landscape and helps them gain deep insights that enable data-driven decisions. Companies can then detect and automatically remediate security vulnerabilities at scale with Carbon Black EDR by quickly identifying out-of-compliance devices, leveraging CVE and threat intelligence, with the latest security patches while automating access control policies based on user behaviour.
Another prominent security benefit is the collaborative efforts with third party security vendors through the Workspace ONE Trust Network. This network allows us tocombine insights from VMware Workspace ONE and the common vulnerabilities shared by our Trust partner network to deliver a comprehensive enterprise security approach to protect the users, apps, endpoints and networks.
VMware’s Carbon Black offers threat intelligence that helps better protection to our customers and strengthens the cybersecurity by delivering research, solutions, and strategies that help minimize threat impact, decrease attacker dwell time, inhibit lateral movement, and suppress intrusions. Thisactually enables a complete cohesive solution for customers – Workspace OneIntelligence which has analytics built into it with recommendations from other security platform vendors through our Trust Network and finally remediation through our Carbon Black EDR solution.
What are the CIO/CISO challenges that you are resolving?
As concerns over the scale and impact of the current situationcontinues to grow, organisations need to carefully consider their actions to best strategizehow they can maintain business operations while ensuring their corporate infrastructure is secure and government advisories are met. The CIO and CISO have vital roles in making sure an organisation can function to its optimal bestwhile pandemic containment measures are being implemented.One of the key challenges we address is delivering consumer simple and enterprise grade secure access to all apps and data on any device through our digital workspace solutions. We are helping CIO/CISOs to quickly scale up on demand with our solutions and offer various options like on-prem, cloud or hybrid models to meet their business objectives. BCP(Business Continuity Planning) is top of the agenda for CIO/CISO right now and we offer comprehensive solutions to meet those demands. In additionwe at VMware offer strategic solutions for the data centre through our SDDC solutions, private and hybrid cloud solutions, application modernisation and management solutions and cloud security solutions.
With reports coming in that countries that have largely shifted to a remote working model are experiencing an increased number of cyber-attacks, what is your strategy for preventing the same from happening in India?
As we navigate this rapidly evolving situation, the future of work is changing. As the work-from-home model becomes the norm and work itself becomes more distributed, we will continue to build infrastructure and technology solutions optimized for the workplace of the future. Our focus continues to be on securing remote users, delivering digital workspaces on organizational or personal endpoints to access critical applications. We continue to protect all endpoints that are accessing organizational assets remotely. Accelerating performance of organizational applications on remote connections while providing elastic capacity to scale new users instantly and on demand continues to be our priority.