Cybersecurity in 2020: Key considerations for UK businesses

Editorial Type: Opinion Date: 2019-12-01 Tags: Security, IoT, Operational Technology (OT), Forescout
Cybersecurity is a global concern. From the smallest business up to the largest international enterprise, protecting critical information assets and infrastructure is vital to maintain business integrity and reputation. Device Visibility and Control experts, Forescout, look at the UK cybersecurity industry and what might be key to remaining secure over the coming months.

By Chris Sherry, Regional VP EMEA North, Forescout

Nowadays, most enterprises are aware of how incredibly volatile the cybersecurity landscape is and the danger it poses to their business. Around the world, organisations are experiencing a huge uptick in cybersecurity incidents.

In the UK, businesses looked on in horror as WannaCry paralysed the NHS, clearly highlighting how some of our most critical services have huge gaps in their security infrastructure. This worry was only amplified by the widely-covered attempt to infiltrate the international chemical weapons watchdog last year.

These events have resulted in organisations taking note and urgently reviewing their cybersecurity posture to ensure they’re adequately protected. For many, this is easier said than done, though.

With 2020 on the horizon and many businesses looking to re-evaluate their security strategy, what are some of the key considerations they should be keeping in mind?

IoT changing the landscape of cybersecurity
The explosion of Internet of Things (IoT) devices within organisations has drastically increased the number of potential entry points into a network for bad actors. In particular, the convergence of IT and operational technology (OT) often leaves blind spots that can easily be exploited once identified.

As with any IoT device, if a malicious actor breaches an OT system, they can disrupt an entire business, in the worst-case scenario bringing operations to a complete halt. The manufacturing and energy sectors are particularly susceptible to this, given the large number of connected devices involved in the running of operations in these industries.

The main challenge for enterprise IT professionals in this context is how to comprehensively protect all of these different devices, some of which are decades old while others were never meant to be connected to the internet in the first place. This makes traditional security strategies redundant as it is an impossible feat to individually secure every single endpoint within a network. Rather than attempting and failing to do so, IT teams need to focus on securing the network itself.

Visibility is key
You cannot protect what you cannot see. It is as simple as that when it comes to putting efficient and effective cybersecurity defences in place. In reality, most organisations struggle to gain an accurate understanding of all the devices on their networks.

Research has found that 85% of IT teams agree that a lack of full visibility is a significant point of weakness in any security infrastructure. This challenge stems, in part, from the fact that different teams within an organisation don’t necessarily always agree on how connected devices should be managed and with whom the responsibility lies. This lack of a clear strategy and effective coordination leaves businesses incredibly vulnerable.

Ensuring clear and comprehensive visibility of all the devices that touch an enterprise network is the first step to ensuring they can be adequately protected. To achieve this, organisations should rely on an ‘agentless’ approach that allows communication with even the most obscure IP-enabled devices on the network, both physical and virtual.

Assessing security posture
Once all devices on the network have been effectively identified, there is still a huge grey area as to which are most susceptible to attack. This information is crucial if IT teams want to create effective policies that mitigate risk and keep the network secure.

What is needed, then, is the full operational context and purpose of each device in order to decide how it is best secured and managed. The problem is that the growth and diversity of devices make manually gathering this information nearly impossible. Automated classification of assets according to their security posture, determining exactly what they are, who is using them, when they were last patched and what applications they are running, can be very effective in identifying potential threats before they escalate.

Manage and protect accordingly
Once the above has been taken into consideration, IT teams can look to consolidate the management of IoT, IIoT and OT devices into one central cybersecurity hub. A centralised management system will give IT managers full visibility and control over all connected devices on a network, according to the relevant policies that are determined by the assessment of each asset.

For example, guest and BYOD devices can be given different levels of access from devices that remain constant on the network, and non-compliant devices can be quarantined and isolated so that, should they fall into malicious hands, network access is blocked and lateral-movement attacks cannot take hold.

Businesses have never been more aware of how much disruption cyberattacks can cause to their organisation. Yet, despite this, that knowledge still doesn't always translate into a sound cybersecurity strategy. If businesses of all sizes and across all sectors want to adequately and effectively protect their networks from bad actors in 2020 and beyond, they need to put device visibility and control at the heart of their network security efforts now.