How has the pandemic affected network security?
The rapid shift in business operations significantly impacted the cyberthreat landscape. As companies fast-tracked the migration of digital assets to the cloud, they also inadvertently increased the attack surfaces from which hackers can try to gain access to their data and applications.
C-suite executives are moving quickly with network plans to support exploding customer and supplier demand for contactless interactions and the unplanned need to connect a remote workforce. Yet they are also aware that they are not fully prepared to adequately protect their organizations from unknown threats. The situation is further compounded by the cloud shared responsibility model, which says that cloud service providers are responsible for the security of the cloud while customers are responsible for securing the data they put into the cloud.
Cybersecurity is a key business driver that senior managers know must be incorporated
into strategic planning at the highest levels. As the volume and sophistication of cyberattacks continue their relentless pace, organizations seek ways to automate detection and mitigation. Unresolved security incidents can be disastrous to companies already dealing with issues related to the pandemic.
[You may also like: What Has the Pandemic Taught Us About Business Resiliency?]
Who Protects the Cloud?
Hosting applications and data in the public cloud is a proven way for enterprises to be nimbler with network operations, improve the customer experience and reduce costs. As more data moves to the cloud with the adoption of contactless payments and remote work
initiatives, about 32% of Radware’s C-Suite survey respondents reported that they rely on public cloud hosting providers to secure their digital assets.
The issue with that approach is that every public cloud provider utilizes different hardware and software security policies, methods and mechanisms, creating a challenge for enterprises to maintain standard policies and configurations across all infrastructures. Plus, public cloud providers generally only meet basic security standards for their platforms because they want to standardize how they monitor and mitigate threats across their entire customer base. Lastly, the aforementioned cloud shared responsibility model further complicates things.
Depending on the type of cloud deployment — software as a service (SaaS), infrastructure as a service (IaaS) or platform as a service (PaaS) — customer security responsibilities will be determined. The failure of customers to fully understand and adhere to the shared responsibility model is responsible for the majority of public cloud data breaches.
That leaves gaps in security, which hackers are more than happy to stay at home behind their keyboards to exploit.
[You may also like: Making Smart Decisions in Uncertain Times]
Attack Vectors
Organizations face a multitude of threats and attacks daily. Senior executives know that it is a struggle to scale their security infrastructures at the same pace as the technological advances they implement inside their networks, especially when timelines were accelerated by the pandemic.
The attack vectors that C-suite executives are most concerned about now are:
C-suite executives also have their eyes on evolving security threats. These are the attack vectors that they are concerned about as they develop over the next three years:
