Threat Surfaces Are Expanding
The proliferation of devices requesting access to the network, driven largely by the adoption of BYOD policies and utilization of IoT devices, has forced network security teams to be more diligent about setting and enforcing effective access control policies. Despite best efforts, attempts to address this evolving problem are akin to putting a finger in the dike – rogue devices inevitably slip through the cracks, leaving corporate networks vulnerable to ransomware and countless other cyber threats.
What’s more, network complexity complicates the issue. Today, networks consist of an ever-increasing number of WANs, LANs, VLANS, SD-WANs, MPLS, VPNs, employees’ homes, coffee shops, hotels, airports – wherever authorized devices can connect to gain access to company resources. As if the industry needed another acronym – some are calling it Bring Your Own Network (BYON). Regardless of how we define the trend, access to everything (from everywhere) has changed the security dynamic.
The impact on corporate bottom lines is tangible. The risks and costs associated with network breaches are growing larger by the year. It seems as if every day a new Fortune 500 company is reporting a costly cyberattack. Data breaches from January through September 30, 2021 (9 months), exceeded the total number of events in the entire year of 2020 by 17% (1,291 breaches in 2021 compared to 1,108 breaches in 2020). Adding to the challenge, threat actors are becoming more sophisticated and prevalent, leaving organizations on their heels fighting to catch-up.
A New Age of Cyber Threats
Cyber threats have become alarmingly prevalent, with malware increasing 358% overall and ransomware increasing 435% in 2021 compared with 2019. All threats, from phishing to attacks on Internet of Things (IoT) devices and supply-chains, have grown exponentially. Attacks on IoT devices tripled in the first half of 2019 and supply chain attacks were up 78%.
Costs have escalated in tandem. The average ransomware payment rose 33% in 2020 over 2019, to $111,605. The total cost of cybercrime for each company increased 12% from $11.7 million in 2017 to $13.0 million in 2018. Data breaches cost enterprises an average of $3.92 million annually.
In an attempt to mitigate these costly risks, many companies have opted to deploy niche solutions and tools such as network and host intrusion detection, various threat intelligence feeds, and mobile device management. While useful in isolation, these disparate tools (e.g., Network Performance Management, SIEM, XDR, SOAR, etc.) create many different panes of glass, leaving gaps in network security and complicating IT infrastructures. All this means extra work for already thinly-stretched IT teams. In this sense, less really is more.
Essential Areas of Cybersecurity
The cybersecurity software market is oversaturated with tools that have been designed for very siloed tasks. Many of these have been developed in direct response to new threats, and require a certain focus and sophistication that doesn’t lend itself to the average IT professional’s chaotic daily life. Instead, companies need to develop a simple, yet solid security foundation that consists of three essentials:
- Firewalls to monitor incoming and outgoing network traffic
- Network access control to enforce access policies, assess connected device risk and remediate non-compliant devices
- Endpoint protection like antivirus to prevent, scan, detect and eliminate malware and other viruses from devices
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。