As the Senior Solutions Engineer in our Multi-cloud specialism, I was not surprised to read the contents of Gartner’s Cybersecurity Threats in 2022. All the technologies I have been working with this year focus on directly addressing many of these issues. The common theme is that innovation in the industry and the boundary-less network, in part caused by the growth in cloud and global working, is increasing the attack surface and potential vulnerabilities for hackers to exploit. Keep reading for a simplified explanation of the top three trends.
Gartner highlights that around 60% of people are currently working remotely, with 18% of them unlikely to return to the office. The increase in workers logging on remotely, relying on often unreliable VPN’s or unsecured home Wi-fi, increases the risk of network and application breaches. Many traditional tools are simply not designed to work outside the boundary of a company’s network. Add to this the growing market of IoT (Internet of things, like our Alexa devices) and OT (Operation Technology, like water treatment machinery), and the increased use in Application Programming Interface (API’s) and micro-services in software development. The attack surface, or the number of targets a hacker can gain access via, have expanded, and has left organisations vulnerable to attacks. Gartner recommends a shift in approach, moving away from the traditional security practices to be able to protect this growing attack surface.
A growing number of attacks currently start with a hacker using legitimate credentials to log in to a network or application. Perhaps gained through a phishing attack or data breach, this entry method is very unlikely to raise any alarms. Imagine your friend giving you their hotel key card, you wouldn’t expect difficulty in accessing their room; the door opens to the key regardless of the holder. This is the same as having an Identity Provider who authenticates your users, without something like multi-factor authentication (MFA) or device binding, to ensure that it is the right person using the credentials. A companies identity strategy must be robust, encompassing a range of tools that Gartner terms Identity Threat Detection and Response (ITDR). ITDR focuses on the protection of the systems and processes of access, credentials and privileges.
Supply chain attacks are where a service or technology that has been supplied to a customer is compromised. The SolarWinds attack in 2020 was an example of this, their custom software was injected with malicious code and then used to infiltrate 18,000 private government and private organisations that were using their software in their own companies. The digital supply chain is a under attack, and Gartner recommends that security leaders work collaboratively in house but also with suppliers to demonstrate security best practices. It is important for look at what other tools and practices are in place in an organisation that mitigate the risks, should their digital supply chain be breached. Gartner predicts that by 2025, 45% of organisations will have experienced this. So, it’s not a case of if, but when.
Though it feels like the battle to secure our infrastructure, apps, and data is never ending, there are some incredibly innovative technologies hitting the market that are taking away some of the complexity of managing all of this. Check out our multi-cloud security page to find out more about these technologies: Okta, Auth0, and Fortanix.
Be sure to visit Distology at InfoSec in June! Visit our stand and we can tell you more about these technologies, there may even be free coffee. ☕️
