Times are changing – and cybersecurity is changing with it

There’s no doubt about it – cybersecurity is changing.

Up until now, the focus was on threat-centric responses. Businesses built a wall around their digital perimeters – a robust defence that controlled access in and out of their infrastructure. If there was a problem, action would be taken straight away.

Threat centric responses were easy to implement, relatively cheap and worked – or at least it used to.

But times are changing. Today, traditional defences are becoming obsolete. Middle East businesses need to shift their focus away from building walls, and instead embrace visibility.

And at no time has this been truer than during the current global situation we find ourselves in.

Flexible and remote working has overnight become the norm, with most GCC countries enforcing working from home measures since March 2020. This is causing major security complications. Outside of office walls, infrastructure is no longer protected by traditional in-house defences.

With working patterns disrupted, businesses could suffer a concerning lack of visibility and control. Security risks may not be able to be comprehensively assessed. In this new environment, the shift to cloud-based, remote working has become an immediate necessity rather than a long-term goal many businesses were working towards.

We’re not just thinking about devices and how they access the network. Data is also flowing inside, outside and through enterprise perimeters. Gartner predicts by 2021, 27 percent of corporate data traffic will bypass perimeter security, and flow directly from mobile and portable devices to the cloud. This is compounded by the sheer volume of data that businesses hold and process.

The result? Organisations no longer have the eagle-eyed line of sight they once did – leaving them subjected to vulnerabilities and compliance violations. According to an IBM report, Saudi Arabia and the UAE had the second highest average data breach cost at SAR22.4 million ($5.97 million) in 2019. Saudi Arabia and the UAE also had the highest average number of breached records at 38,800 per incident compared to a global average of 25,500 records per incident.

A new security vision

Managing and supporting a fully remote workforce isn’t a one-time problem – it’s the new way of working. Furthermore, the challenge is compounded by companies’ existing struggles to fight insider threats to their data and security.

Whether threats are internal or external, a major paradigm shift in security is needed – and fast.

The value of threat-centric approaches has become limited as a result. They overwhelm IT teams with false leads – to the point where genuine threats can slip through the cracks. This isn’t helped by the fact cybersecurity teams are often understaffed.

With today’s high demand for remote working, IT teams are struggling to investigate these security threats, without direct access to employees’ computers and devices.

Security needs to move to a model where humans are the new perimeter, looking towards how people and data come together and cooperate- rather than focusing on specific external threats. Only then, through analysing human behaviour with big data, can it deliver insights into enterprise risk and identify compromised users already operating inside the organisation.

Humans are the new perimeter

Through adopting a human-centric view of risk, businesses can identify compromised insiders more rapidly. This means successful data breaches and outages are more likely to be foiled before the real damage is done.

Additionally, human-centric, behaviour-based cybersecurity, is tailor-made for the era of mobility and cloud. This is because it enables enterprises to detect and respond faster to risk than legacy systems which focus only on protecting infrastructure. This continuous monitoring and assessment approach, observes how people interact with critical business data and IP- understanding why these interactions occur and the risk they pose.

With a clear understanding of user risk, security teams can take immediate action to adapt security policies dynamically, reducing risk and better protecting the user and critical data.

This allows IT teams to assess risk in real time – helping them remain attentive to data as it moves across the network.

A SASE vision

Research firm Gartner has identified a new technology architecture – named Secure Access Service Edge (SASE) – which is being considered as a modernised solution for cybersecurity. 

It recommends converging networking and network security capabilities into a unified, cloud-native service. This would make it easier and less expensive for enterprises to safely connect people and offices all over the world. SASE is not a product, but an architecture reference model to help enterprises re-architect secure edge connectivity.

So, for usage outside of the traditional perimeters, SASE architecture will address the limitations of current networks and security design approaches. It does this by migrating much of these capabilities into a centralised cloud platform.

The SASE framework will also open the door to enhanced security features – things like zero-trust network access and continuous, automated risk assessment using behavioural analytics.

In short, SASE represents a new approach designed to help security and risk management leaders address the changes posed by digital transformation. It also provides security and IT leaders with a way to reduce complexity in their environments, while ensuring security and connectivity for organisations.

A human-centric vision 

So, between now and this vision of the future, what should organisations do when it comes to choosing the right security approach?

Fortunately, several intelligent and integrated security solutions already provide visibility into user behaviour. And they are all built on a strong base of what we’d consider “traditional” threat-centric cybersecurity programmes (protecting against known threats will always have its place).

But, it’s important to remember that no matter how advanced technology gets, human nature is human nature. A business is only as strong as its weakest link. That’s why, now and in the future, ensuring proper governance, a cyber-savvy culture, and defences that truly understand, and keep human behaviour at its core, must be a top priority.