The endless battle between sophisticated cyber attacks and the industry’s latest security defenses rages on. We know that the threat landscape will continue to evolve each year, but there are other emerging challenges that the industry must find ways to overcome as well. For instance, the market is currently grappling with a significant shortage of skilled cyber security professionals. According to one ESG report, nearly three-fourths of organizations report that the cyber security skills gap has already made a significant impact on their business. And the number of unfilled information security jobs is expected to grow to 3.5 million by 2021. Midsize enterprises without qualified security professionals on staff can’t adequately defend against the sophistication or sheer frequency of attacks taking place.
Additionally, companies have been tasked with providing protection for a more fluid, distributed workforce, regardless of whether employees are operating on- or off-network. According to a recent CITE Research survey over 90% of organizations allow remote work today. More employees are accessing company data from home, coffee shops or airports, and on a variety of mobile devices. This shift has fundamentally redefined the network perimeter and what it takes to protect it. Despite the fact that 90% of CITE survey respondents reported using endpoint threat detection and response solutions, nearly two-thirds of respondents confirmed that a remote worker has fallen victim to a cyber attack. Today, organizations must be able to protect their employee and company data on any device, even on networks they don’t control.
In light of these key challenges and many more, it’s important to take a step back, objectively evaluate your current security posture and make adjustments to better protect your data, employees, customers and partners. Let’s take a look at several key focus areas for CISOs and CIOs to consider in today’s threat landscape:
- Implement multi-factor authentication and off-network protections. More than 80% of breaches leverage weak or stolen passwords according to the Verizon Data Breach Investigation Report. Strong authentication is the cornerstone of good security, and these types of incidents can largely be prevented with MFA defenses and other user-focused security services like DNS-level filtering and more.
- Use a layered security model that includes many overlapping security services. No one service is bulletproof, so the strongest security posture is one that minimizes risk by combining a variety of services. This means deploying everything from traditional intrusion prevention, gateway antivirus (AV), application control, spam prevention, and URL filtering defenses, to more advanced services for protecting against evasive malware, ransomware and data breaches.
- Deploy advanced malware protections. One of the key takeaways from WatchGuard’s quarterly Internet Security Reports over the past few years is that roughly 30% to 50% of malware variants are obfuscated or modified in some way to evade legacy signature-based AV solutions. As cyber criminals continue to leverage increasingly advanced tactics to infiltrate networks and steal data, you need more advanced antivirus services that use behavioral analysis and machine learning to detect elusive malware.
- Prioritize Wi-Fi security. One of the most overlooked when it comes to security is Wi-Fi. There are six major Wi-Fi threat categories and most leading APs aren’t able to automatically detect and block all of them. In light of these threats and our increasing reliance on Wi-Fi for business and everyday life, every organization should focus on secure Wi-Fi. More specifically, you must build Trusted Wireless Environments that are protected from the six known Wi-Fi threat categories, are easy to scale and manage, and don’t compromise performance when security protection is enabled.
- Know that cyber criminals target organizations of all sizes. Don’t make the mistake of believing your organization is too small or that your data or customers aren’t valuable enough for attackers to bother with. Hackers don’t discriminate, and organizations that are least likely to have adequate protection are just as likely to sustain a security incident. The difference is that the odds of smaller organizations recovering from the monetary and reputational damage of a breach are incredibly steep.
- Understand that good security doesn’t have to be complex or expensive. The availability of security-focused IT solution providers or Managed Service Providers (MSPs) is making it more simple and accessible than ever for organizations with less security expertise and resources to benefit from enterprise-grade security services.
At WatchGuard, we started out as firewall company focused purely on delivering network security solutions. As the threat landscape has continued to become more complex, not only have we added to our network security services, but also have expanded to offer many other security services that midmarket organizations now need, including secure Wi-Fi, MFA, network intelligence and visibility, and endpoint security. From our core firewalls, security services, and secure Wi-Fi products to our new user-focused services like AuthPoint MFA and DNSWatchGO endpoint security, all managed via an innovative WatchGuard Cloud platform, our ongoing evolution as a company is centered around making enterprise-grade security simple and easy to access, deploy and manage for organizations of all sizes.
Given the growing importance of protecting users regardless of their location, our biggest investments in 2020 will be directed toward building on the strong foundation we have in place with AuthPoint and DNSWatchGO to bring new user-focused security services to market. WatchGuard will also continue to build innovative features into WatchGuard Cloud that further simplify how both businesses and IT solution providers deploy and manage security services.
As we expand our portfolio, we have also continued to increase our R&D investment. Latest in that investment is our rapidly growing office in Noida, India, where our team works primarily to design and build advanced features into the WatchGuard Cloud platform and create a single identity framework for WatchGuard products. As we continue to hire talented engineers in the region, our team in Noida will be instrumental in building a cutting-edge unified security platform that helps organizations overcome barriers to better security and defend against today’s most pervasive threats.
As 2019 comes to a close, carefully consider the above best practices and make it a point to build them into your security strategy for the coming year. Find out how WatchGuard can help here.