Software companies and their users faced serious challenges from cyberattack and ransomware groups last year, from the fallout of the SolarWinds attack to the Colonial Pipeline and Kaseya attacks and, to round out the year, groups exploiting the Log4j vulnerability. This year, businesses and enterprises are taking action to build strong cybersecurity strategies and minimize their risks from cyber threats.
Stronger Cybersecurity for Businesses
Here are four things your users are doing to strengthen their security postures:
1. Become more proactive
Cam Roberson, Director of the Reseller Channel at Beachhead Solutions, says, “Businesses are pursuing more proactive and automated security risk responses to protect their systems and data.”
He adds, “They don’t have a choice. Facing broader threats (it’s not just ransomware!), businesses seek the flexibility to implement customized predetermined countermeasures aligned with their particular use cases.”
“I expect approaches enabling zero-trust policies will accelerate the fastest, along with strategies that protect against employee-centric threat vectors without impacting employee productivity,” Roberson predicts. For example, a company might use geofencing-based rules to proactively send warnings if a device travels outside normal work location boundaries and disallow data access if it travels further. “In this way, more businesses can neutralize threats before they do harm,” he says.
Sylvain Siou, Vice President, Worldwide Systems Engineering at EfficientIP, cites IDC research that states 26 percent of companies reported stolen company information in 2021, up 10 percent from 2020. “This threat continues to grow as exfiltration nearly always goes unnoticed by firewalls since they are incapable of performing the necessary context-aware analysis of traffic,” Siou says. “To enhance security, businesses are increasing spending on DNS security as the first line of defense, allowing them to monitor IP traffic and better identify and prevent potential data theft.”
Ivan Paynter, National Cyber Security Specialist at ScanSource, says, “Companies increasingly rely on SaaS-based security applications, such as endpoint detection and response (EDR) and extended detection and response (XDR) to help identify and mitigate malfeasance while reducing dwell time.”
He explains that EDR solutions are the next-generation antivirus with internet intelligence, and XDR solutions combine endpoint data and security information and event management (SIEM) data, provide a contextual correlation of events and alarms, and increase the visibility of actionable events. “The key is to identify the correct managed service security operation center, as one size does not fit all,” Paynter says.
2. Leverage next-gen technologies
Trustifi’s CEO and Co-Founder Rom Hendler says, “Next-gen cybersecurity is gaining prominence in 2022, like relay-based solutions using artificial intelligence (AI) and optical character recognition.”
He explains that older approaches like secure email gateways (SEGs) are becoming less relevant. “Bad actors have evolved. Their sophisticated ‘imposter’ phishing schemes are nearly impervious to SEGs, which mainly filter email based on known malicious IP addresses. Cybercriminals can impersonate C-level executives and order colleagues to make wire transfers. Understand that the bad guys are using AI to identify these important users to hack high-level accounts and do damage. Companies need to use these same advanced tools in their email security arsenal to protect themselves,” Hendler says.
3. Merge physical and cybersecurity
Tim Eades, CEO of vArmour, says that physical security and cybersecurity are merging. “In the past, these two strategies were separate thoughts, yet the growing hybrid workforce means that cyber and physical security need to come together,” he says.
“Nowhere is this truer than in the supply chain. From internet-controlled thermometers to the components responsible for monitoring vehicles, digitized components are increasingly cloud-connected, and there are real-life consequences of cyberattacks. We can expect to see an uptick in cyber-physical security attacks as the Internet of Things continues to increase exponentially and we hit peak cloud, setting the stage for a reckoning over how to secure enterprises amid increasingly complex connectivity.”
4. Strengthen cybersecurity for insurance reasons
Kate Kuehn, vArmour’s VP of Security, points out that, in addition to protecting data and securing their businesses, your customers may also be incentivized to strengthen cybersecurity for insurance reasons.
“There will be a minimum baseline of security controls that will be required to be insured, and that will help drive a level of security maturity that society will benefit from in the years to come. It is just like having your car in proper working order and a valid driver’s license to be insured,” she says. “However, organizations will need to have a minimum baseline for coverage in their cyber that they can demonstrate through an audit, or the cyber insurance policy will be null and void. Tools that focus on cyberattack detection and protection, such as application relationship management, will likely become one of those key requirements.”
Stronger Cybersecurity for Developers
While software users deploy new solutions and implement new policies for stronger cybersecurity, there are also trends in the software industry to build stronger cybersecurity, including these four:
1. Shift to the Zero Trust model
More businesses are moving to the Zero Trust model; however, as Joe Leonard, CTO and VP of Security Strategy at GuidePoint Security, points out, it also takes a shift in culture and adapting processes to be effective.
“The traditional security model operated with implicit trust where everything was allowed unless it was known to be bad. Zero Trust implements a granular least privilege per-request access, where only those specified as needing access get access,” he says. “Organizations need to educate their employees on why the shift to Zero Trust is needed and relate it to how it can help them be more productive. At the end of the day, employees are focused on doing their jobs much more so than on prioritizing security. It’s critical to educate users on this shift and help them understand how this will ultimately allow them to be more efficient in their job responsibilities.”
He adds, “Transitioning from the traditional cybersecurity approach to one based on a Zero Trust model also requires a shift from a manual, static environment to one with more automation and integration of processes and systems that enables dynamic policy enforcement based on a user’s behavior in real time to determine access. While mapping out security requirements, it’s important to build in as much automation as possible so that controls are transparent to the end users.”
2. Leverage threat modeling
Victor Wieczorek, VP, AppSec and Threat and Attack Simulation at GuidePoint Security, predicts, “Threat modeling is front and center in 2022 from an AppSec perspective. Not only is it now part of the OWASP Top 10, but the earlier you can identify design-related flaws and potential threats, as well as implement effective compensating security controls to mitigate those threats, the better you will be from both a security personnel’s and an application owner’s perspective.”
3. Gain visibility into third-party software vulnerabilities
Wieczorek adds, “With the supply chain attacks that we’ve seen in the last year, the big impact we’re seeing is that organizations are focused on trying to understand third-party and open-source libraries that are used in their software development. I think we’ll see more organizations creating software bills of materials (SBOMs) for many of their key solutions and including this as a requirement within their procurement process. While suppliers have traditionally been hesitant to share this information in the past, they’re being driven because of the inherent risks that an organization is taking on by using that software.”
4. Introduce new security roles
Wieczorek also sees employees taking on new roles. “As this need to understand, manage, and document our own software supply chains grows, we’re seeing new positions created by organizations to support this need, such as software supply chain architects and teams that manage this process internally and for the organization’s suppliers,” he says. “These teams are responsible for monitoring software dependencies, documenting secure usage, approving new libraries, managing internal and vendor SBOMs and identifying risk to the organization based on this data.”
Consider these trends and how they can bring value and deliver strong cybersecurity to your organization and your customers.