The COVID-19 pandemic has pushed companies into a remote workforce situation that many were vastly unprepared for. Remote workers don’t have the same protection as they would have in the traditional corporate network.
This has not only increased the burden for IT teams, but without advanced cybersecurity in place, has widened the attack surface, giving attackers more opportunities.
So says Jeremy Matthews, CEO of Panda Security Africa, adding that in the past few months, IT teams have had to focus their efforts on connectivity, business continuity and data access for remote workers. “As a result, securing the remote workforce has taken a back seat, leaving endpoints exposed and vulnerable.”
Over and above having to secure remote workforces, Matthews sees machine learning and AI as being hugely influential in the cybersecurity movements he has seen recently. “Big data analytics enables cybersecurity researchers to observe and investigate more information than they could have managed in the past.”
He adds that insights drawn from this process are being used to identify threats and weaknesses in the cybersecurity landscape. “From this we can make informed decisions about the protection technology and methodology we should employ.”
According to Matthews, Panda’s Adaptive Defense technology is an example of this, as it automatically classifies goodware and malware using machine learning and AI, and then uses those classifications to ensure that goodware is allowed to run and malware is blocked.
“Machine learning enables contextual detections, identifying attacks that use malwareless and living-off-the-land techniques. Attacks of this type are a growing trend as threat actors find new ways to bypass traditional defense mechanisms.”
Global Power Plays
Speaking of how he sees the security landscape evolving over the next five years, Matthews says global power plays are driving cyber-warfare by state actors. “We are starting to see the spillover from these actions into civil society. In cyber-warfare, nation states or state actors use cyberattacks to disrupt vital systems of their target – typically an opposing country.”
Big industrial control systems or military networks tend to be the main targets in cyber-warfare situations, he explains. “The sophisticated tools that can leak out of this state sector represent a risk to IoT devices, whose growth and inherent vulnerability represent a significant societal security risk for the future.”
Reduce the attack surface
Matthews advises organizations to focus on reducing the attack surface of their endpoints. “Deploying advanced endpoint security is an imperative. Keeping endpoints patched and up to date will ensure critical vulnerabilities are addressed.”
Many businesses have implemented traditional security technology at a perimeter and campus level, leaving remote endpoints highly vulnerable, he adds. “The current pandemic and its effect on the workplace require a review of this strategy. Those organizations that have invested in cloud security technology that is not dependent on internal IT infrastructure have been better placed in addressing the shift to safe remote working.”
In addition to protecting the endpoint, businesses should also secure their perimeter, network, password policy and systems monitoring to close any gaps in the attack surface.