The onset of the Covid-19 pandemic and the consequent widespread adoption of the remote working model has exacerbated the issue of cybersecurity significantly. In the pre-Covid-19 era when most employees worked from offices, the local area network (LAN) and desktops/laptops were adequately secured. Enterprises often turned to sophisticated technologies that could protect against cyberattacks. However, with work environments witnessing a drastic change following the emergence of Covid-19, the threat risk has heightened.

Even now, several months since the Covid outbreak, only support staff personnel, or those who need direct system/hardware access, are working from the office in most cases, while the rest of the workforce is operating from home on more vulnerable networks than those at the office. Under the work-from-home model, employees are increasingly relying on personal devices (such as personal computers, USB drives and other peripherals) for office-related work. Such devices are seldom protected by proper security applications and can be easily compromised, thereby posing a serious threat to an organisation’s digital infrastructure.

Since a potential cyber breach can have drastic financial implications, cybersecurity has emerged as a key priority for most organisations today. Companies are now looking to revisit their security measures, and focusing on deploying new processes and technologies to fortify their digital architecture.

Threats posed by Covid-19

Covid-19 pushed organisations across the world to shift rapidly to remote working. However, this unexpected change in the working model posed numerous challenges for organisations, with cybersecurity being the biggest one. Enterprises were exposed to multiple threats during the pandemic, including phishing and business email compromise schemes, nation-state-backed campaigns and ransomware attacks. In a global survey conducted by Fortinet, 60 per cent of organisations surveyed revealed an increase in cybersecurity breach attempts during the transition to remote working, while 34 per cent reported actual breaches in their networks. Further, organisations cited ensuring secure connections, business continuity and access to business-critical applications as the most challenging aspects of the transition to remote working.

Nearly half the organisations surveyed stated that they had invested further in a virtual private network (VPN) and cloud security, while nearly 40 per cent said they had invested in skilled IT professionals or in network access control (NAC). However, there is still room for improvement as far as network investments in cybersecurity are concerned. Given the number of attempted breaches and the waves of cyberthreats targeting remote workers, organisations need to carefully consider what technologies and approaches are needed to secure remote working networks in the future. Further, the defence strategies of these organisations need to be adjusted to fully account for the extension of the network perimeter into employee homes. Going forward, almost all organisations are expected to increase their investment in securing their remote networks. In fact, the Fortinet survey reveals that nearly 60 per cent of enterprises surveyed will be spending more than $250,000 each in secure telework investments over the next two years. The majority of enterprises surveyed intend to make unplanned upgrades to their existing systems to secure telework, while many also plan to add new technologies.

Techniques that can enable enterprises to secure remote connectivity include integrating multi-factor authentication into their remote security plans; adopting NAC solutions to enable IT teams to get increased visibility and control over the users and devices on their network; deploying endpoint detection and response solutions that deliver advanced, real-time threat protection for endpoints both pre- and post-infection; and extending software-defined wide area network (WAN) to the home so that home workers can enjoy on-demand remote access as well as dynamically scalable performance, regardless of their local network availability. Secure access service edge is another emerging strategy, that enables enterprises to combine network and security functions with WAN capabilities to support the dynamic secure access needs of today’s organisations.

Enterprise security trends triggered by the pandemic

Evolving threat landscape

The threat landscape for companies has evolved significantly. Security teams now have to secure a far larger perimeter than just office networks. With a significant number of employees now working remotely, the environmental, physical and technological controls of an office environment have ceased to exist. As per industry analysts, software-defined perimeter and endpoint security are emerging as a new reality in this space.

Securing all applications

With companies jumping on the digital bandwagon to increase the number of applications and other solutions provided to customers, the need for securing all these digital solutions from end to end is increasing. Organisations are now looking to adopt an all-inclusive approach for securing their applications.

Training employees

Since a significant portion of the workforce is now working remotely, companies are continuously devising better ways to train employees. They are focusing on educating employees in following best practices to secure their respective systems from any potential breach, and on raising awareness about the proper usage of home networks, devices and personal accounts. Further, employees are regularly being briefed on the action plan that they should follow in case they encounter any attacks. Some organisations also run predictive analyses and then extract reports to get a better picture of any loopholes and fix them accordingly.

Shift towards zero-trust security model

Traditionally, companies used to deploy security models that broadly classified everything (users, devices, and applications) within the corporate network as trustworthy. Such a model entails the deployment of legacy technologies, such as VPN and NAC, which are used to verify the credentials of users outside the network before granting access.

However, under the prevailing circumstances, wherein the boundaries of a corporate network have ceased to exist, these traditional models cannot serve the purpose of security. Thus, the industry is now moving towards a new approach called zero-trust security architecture. This model relies on continuous verification of trust across every device, user and application. The model has become particularly critical for organisations that are deploying a combination of platforms and computing capabilities.

Vulnerability remains high

While the majority of enterprises in India have started warming up to the idea of protecting their digital infrastructure against cyberattacks, there is still a long way to go. EY’s Global Information Security Survey Report 2020, which examines some of the most compelling cybersecurity issues that businesses face, revealed that Indian organisations are reluctant to invest in their cybersecurity architecture, despite 53 per cent of the 190 organisations across India surveyed by EY admitting to having experienced a significant cyber breach in the past 12 months.

As per the survey, there was a significant increase in the number of destructive attacks faced by respondents, with 72 per cent saying that attacks had become more frequent over the past 12 months, and 38 per cent reporting an increase of more than 10 per cent. While most businesses continue to remain vulnerable, with 59 per cent stating that they were unlikely to detect a sophisticated cyberattack, only 31 per cent said that their cybersecurity team is involved right from the start of a new business initiative. Another key finding was that many cybersecurity teams continued to play a secondary role in their respective businesses, instead of taking centre stage.

However, the survey also shows that company boards and senior management teams are engaging more intimately in cybersecurity and privacy issues, with 73 per cent of them perceiving the cybersecurity risk to be a significant threat to their organisation. Of the organisations surveyed, 68 per cent reported having a chief of cybersecurity sitting on the board or being at the executive management level. Moreover, the cybersecurity spending of organisations currently seems to be driven by defensive priorities rather than innovation and transformation. The findings highlight that 82 per cent of the spends on new initiatives were focused on risk or compliance, rather than opportunity, and only 7 per cent described cybersecurity as an innovation enabler. The survey also found that trust and increased collaboration between all business functions are critical catalysts for driving cybersecurity as a business enabler in the new normal.

Embracing the new reality

Enterprises in India have barely scratched the surface in terms of leveraging cybersecurity solutions. They need to follow a few key steps to embrace the new digital reality that is set to emerge in the post-Covid world.

Foster a culture of cyber resilience

Going forward, enterprises should look to break down barriers between departments and strengthen and promote resilience across IT, operational technology, and business-facing functions. There has to be a sense of collective urgency towards meeting an organisation’s cyber needs, which extend beyond security and privacy functions. There should be proper plans in place for tackling cyberattacks, and coordination should be effective.

Redefining cyberrisk metrics

Traditional cyber resilience metrics have proved to be inadequate representations of the real risk faced by organisations. Now, businesses need to revise their approach to supply chains; define practical, meaningful cyber risk metrics; and focus on operational risks when designing new digital strategies.

Focus on protecting critical capabilities and services

Enterprises also need to re-establish a cyber hygiene culture in the workforce, move to new models of managing access and monitoring activity of critical assets, and prioritise investment in cyber automation.

Revise resilience planning processes

Further, businesses need to revise resilience planning processes, test them and equip crisis management teams with skill sets and experience to manage operations under intense pressure. Enterprises also need to review the definition of a worst-case scenario in the new reality.

Strengthen ecosystem-wide collaboration

The pandemic has demonstrated the need for cooperation. Governments have started collaborating to address international cyberthreats, major enterprises have started pooling threat intelligence, and regulators have started seeing the value of transparency and collective action in ecosystem resilience planning. Similarly, enterprises should think about reaching out to their industry networks and establishing collaborative awareness and intelligence sharing sessions.

Emerging opportunities

Cybersecurity is perhaps one of the few areas that is buzzing with opportunities amidst the Covid-19 pandemic. Consequently, venture capitalists and the entire investor community are eyeing the booming cybersecurity market, and large sums of money are being infused into the sector. Globally, funding in the cybersecurity space seemed to be at an all-time high of $1.5 billion in the first quarter of 2020.

In India, too, Covid-19-induced digitalisation is expected to accelerate activity in the cybersecurity space. In fact, the Data Security Council of India recently stated that there has been an uptick in cybersecurity patent filing and grants, which is indicative of the growing innovation ecosystem in the country. Going forward, as enterprises scale up deployment of technology solutions such as 5G, artificial intelligence, internet of things, blockchain and machine learning, the need for proper cybersecurity solutions will become more apparent. This will open up a plethora of opportunities for start-ups working in this space, which can build scalable solutions that effectively cater to the evolving needs of companies. However, the effective capitalisation of these opportunities would require constant innovation and upgradation in security solutions.

By Kuhu Singh Abbhi