Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
DAVE SHEPHARD,
VICE PRESIDENT
ASIA PACIFIC AND
JAPAN, BITGLASS
EDITOR’S QUESTION
The major cyberthreats facing Asia
Pacific today largely reflect those
faced elsewhere around the world.
We connect to the same Internet and use
many of the same applications and services.
New threats stem from how we connect
to those services, how we use them, and
whether our existing security controls are up
to the challenge of securing a workforce that
is largely using cloud and working remotely.
In recent months IT teams performed
miracles to get almost all users working
from home. Many stuck to using what
they already had and knew, but it remains
to be seen whether those decisions will
sustain long term or whether a security
strategy built around standard operation
environment (SOE) devices, VPNs and
corporate networks is right for a modern
enterprise. I suspect it isn’t.
Asked in a Bitglass survey about their BYOD
security concerns, 63% of respondents
“
HACKERS AND
CRIMINALS WILL
LOOK TO EXPLOIT
HUMANS AND
OUR NEW WAY OF
WORKING.
said data leakage, 55% said unauthorized
access to data and systems and 52% said
malware infections.
Despite these concerns, the research shows
that organizations are allowing BYOD
without taking the proper steps to protect
corporate data.
About half of the surveyed organizations
lack any visibility into file sharing apps
(51%), 30% have no visibility or control
over mobile enterprise messaging tools and
only 9% have cloud-based anti-malware
solutions in place.
Cloud first is the right strategy, however.
There’s now an opportunity for IT
organizations to re-define their enterprise
security architectures, starting with the
user, not the firewall, and focusing on cloud,
not the data center. Of course, there are
security challenges.
Bad guys
Hackers and criminals will look to exploit
humans and our new way of working.
According to threat intelligence company
Anomali, COVID19 is (unsurprisingly) a
popular topic among the community of
cyber-adversaries.
Most cybercriminals rely on the same tools
and tactics; they just have more targets to
aim at. In unusual work environments our
guards may be lower. People unaccustomed
to working from home, or juggling the
added stress of home-schooling, may be
more susceptible to a well-timed email
inviting them to click for news or a
health update.
New IT security
We didn’t grow up in the cloud. We know
instinctively the benefits of cloud, but
perhaps not the risks or how to best mitigate
them. Almost every company with a firewall
will have a certified firewall admin, but how
many companies using cloud have deployed
a Cloud Access Security Broker (CASB), let
alone have a certified CASB admin?
If users are remote and their data is in the
cloud, the firewall won’t save them. •
www.intelligentcio.com
INTELLIGENTCIO
35