Pandemic COVID-19 has highlighted cybercersecurity as a very serious issue as businesses have shifted to a distributed workforce model.
Many businesses find it difficult to be agile in providing their employees with the tools and network infrastructure they need to operate and communicate smoothly when COVID-19 first time attacking.
In fact, according to NTT’s 2020 Intelligent Workplace Report entitled ‘Shaping Employee Experiences for a World Transformed’, in many cases, employees are left using their personal devices and applications, increasing the risk of vulnerabilities to security.
In addition, only 46.4% of global businesses surveyed for the same report claimed that they had upgraded their IT security capabilities to keep their organizations and employees safe.
The increase in cyber threats during a pandemic has been clearly outlined in the Global Threat Intelligence report from NTT, in which cybercriminals seek to exploit community panic related to the pandemic COVID-19.
The attacks include information-stealing malware implanted into fake World Health Organization (WHO) apps, while phishing emails offer requests for items including face masks, hand sanitizers, and tests. COVID-19. The incident was so bad that the World Health Organization (WHO) called it “infodemi”.
A secure by design approach is essential for businesses to protect themselves
Unfortunately, like the COVID-19 virus, cybercriminals and spies never tire of the impact it has on people’s personal and professional freedoms and other prospects.
Cyber threat actors and organizations are opportunistic and well organized and they are adequately funded in increasing their criminal activity, despite the current global crisis.
This has given rise to a new recognition of the importance of security systems that are embedded in all aspects of the technology tools of organizations.
“Whether it’s applications and workloads running locally, in the public, private cloud or regardless of whether people are working from home, office, or remotely, the infrastructure has to basically be secure by design and this has to be embedded in every aspect of the business environment,” “Explained Matt Gyde, President and Chief Executive Officer, Security Division at NTT Ltd.
“Security cannot be simply ‘taped’ as a secondary thing because it impacts the customer and employee experience,” he added.
At present, perhaps many organizations have not embedded security systems in their organizations because they see security as a barrier and not a driver for digital empowerment.
According to Matt, a change in cultural mindset needs to occur. “Security can help businesses deliver technology in a transformational manner that allows for the best user experience, and in essence this is related to the protection of employee data,” he said.
Digital transformation with SASE
In its ‘Future Disrupted: 2021’ report, NTT predicts that the concept of ‘Secure Access Service Edge’ (SASE), a term coined by Gartner, will become a major trend in the next 12 months.
SASE focuses on achieving the best possible experience for end users in the growing paradigm of SaaS networks and software, by securing APIs and leveraging ‘as-a-service’ scenarios such as firewall-as-a-service (FWaas) or Cloud Access Security Broker ( CASB) -as-a-service.
To get started with SASE, businesses need to thoroughly evaluate what assets and which assets they want to protect, where the distributed workload is taking place, how their business uses applications and ensure the infrastructure is fit for purpose:
- Assess what assets a business needs to protect: To get started, a business must look at data protection. They need to pinpoint what they need to protect and sort out which data and information are especially valuable and important and which are not needed. Then they can go back to basics: good operational cleanliness and due diligence.
- Understand where various workloads are running: This means that businesses need to implement firewalls and perform proper microsegmentation.
- Consider using the app and how to use it: Importantly, businesses should ask themselves how these usage trends relate to their platform strategy and associated end-user / customer and endpoint protocols and how they interact with different workloads and existing applications.
- Accelerate existing network and application security strategies: Businesses must ensure that their security strategies are still relevant to the original objectives. This includes making decisions about the pathway to SD-WAN implementation.
Ultimately, businesses must ensure that cyber security protect internal operations and employee and customer data.
Today, this means that simply buying security is no longer a viable approach, but should be quickly incorporated into the system design.
“Businesses have to focus more and more on ensuring that cyber security is not a barrier, but a motivator for digital transformation and using the right frameworks and partnerships in the ecosystem to do this, ”said Matt.
“There is no more important time than now for the industry to unite to build a strong defense against the ever-increasing and ever-expanding virtual world threats,” Matt added.