COVID-19 has changed the way we do business. A global survey by Gartner states that 88% of the organizations surveyed have made it mandatory or encouraged their employees to continue their work from home, even after the pandemic goes away. Whether we like it or not, the perimeter is gradually diluting as Work from Home is certainly here to stay, said Ravindra Baviskar, Director - Sales Engineering (India & SAARC), Sophos Technologies, during a live webinar held by PCQuest in association with Sophos on the theme of “Adaptive Cybersecurity Ecosystem”, or what is popularly known as ACE.
"As employees are no longer sitting in the trusted environment of the offices, they are accessing their corporate data and resources on an untrusted network. The adoption of public cloud platforms has also increased a lot, which means that the devices, the services, and the applications which once used to run within the corporate perimeter now run outside of it. This new live anywhere and work anywhere culture has given attackers a larger attack surface to explore and it has become equally important for organizations to secure users wherever they are- whether they are in offices, or they are traveling, or they are working from homes. At the same time, you still need to secure the corporate boundary or the traditional perimeter too," explained he.
The shift in businesses due to COVID caused a considerable shift in the attack surface too and prompted an evolution in IT security. Attackers are increasingly combining automation with hands-on hacking to get around your defenses. They are also exploiting legitimate tools and behaving like an employee on your network to avoid detection. Stopping the evolved attack techniques requires a shift from security management to security operations.
As businesses continue to evolve, security needs to follow the same path. IT security teams need to move from loosely integrated point security solutions to an adaptive cybersecurity system that can automatically prevent as much as it can. Because the business attack surface is always evolving, IT security needs to enable a unique feedback loop so that teams can constantly learn and improve to keep pace with this evolution.
The webinar shed light on the topic, offering cybersecurity professionals ideas and tips for dealing with the new reality of interconnected business systems and the changing nature of attacks that combine automation with hands-on hacking.
An Adaptive Cybersecurity approach is extremely useful in this rapidly changing threat landscape: it focuses on Predict, Prevent, Detect, and Respond, and combines these with policy and compliance measures to create a system able to quickly detect, trace and respond when an event occurs.
Baviskar explained how Sophos ACE builds on and extends Sophos' synchronized security approach and brings together the power of Sophos’ threat intelligence, next-gen technologies, data lake, APIs, and Sophos Central management platform, creating an adaptive cybersecurity ecosystem that constantly learns and improves and enables cybersecurity teams to search for and detect weaker signals of a threat and prevent them from becoming breaches.
The webinar was followed by a live Q&A session on the new attack vectors and organizations' preparedness to deal with them, where Baviskar was joined by Nishant Tripathi, Cybersecurity Consultant - North, Sophos Technologies, and PCQuest Editor Sunil Rajguru, who moderated the session.
"Organizations need to look at not only the prevention techniques, or the point solutions which can stop the attack, but consider investigation tools like Extended Detection and Response (XDR) or maybe Managed Threat Detection and Response (MTR) services so that they can get a complete and clear picture, and respond to the threats accordingly," said Nishant Tripathi, Cybersecurity Consultant- North, Sophos Technologies.
"To detect a loophole in software you need software. Likewise, to detect a human attacker you need human investigation," echoed Baviskar. While XDR is good for detection, but our MTR service is extremely useful as it adds real-time data from our expert threat hunters to complement the detection data and build intelligence into the system, said he.