Fostering Digital Transformation One Nomad at a Time: How Both Organizations and Employees Benefit from Remote Work Strategies

“Digital nomad” is a term coined twenty years ago by Hitachi executive Tsugio Makimoto in his book of the same name, which predicted that technology combined with our natural urge to travel would let people live, work, and exist on the go rather than being tied to an office desk or physical work location.

Today, 4.8 million independent workers in the United States describe themselves as digital nomads with 17 million more aspiring to become nomadic workers according to findings by MBO Partners. Digital nomads are defined as a population of independent workers that embrace a location-independent, technology-enabled lifestyle that allows them to travel and work remotely, anywhere in the world.

The rise of the digital nomad also embodies the essence and promise of digital transformation. The Workplace Evolution study by the Harvard Business Review found that “Digitization is impacting every aspect of business, radically changing the ways in which companies grow and compete. The speed and scale at which technological breakthroughs are emerging have no historical precedent and have created an imperative for businesses across industries to respond rapidly with their own digital transformations in order to drive growth and create competitive advantage.”

Organizations that move forward with new digital transformation strategies, products, services, cloud computing infrastructures and business models must also develop new ways for their global ecosystem of workers to engage and add value. A worker’s ability to connect anywhere, anytime to collaborate with coworkers can determine the level of productivity possible within an enterprise, and this applies beyond the independent contractors who would normally be considered remote workers. The Workplace Evolution study also found that an organization’s workplace strategy can be a key enabler of or hindrance to digital transformation, illustrating the need for organizations to adopt new modes of work to maximize productivity.

Digital Native Expectations

By 2025, digital natives, those who are technologically adept and expect a nomadic work lifestyle, will make up 75 percent of the global workforce, according to a future-of-work study by Microsoft. This new breed of workers expects flexibility in where and when they work, with flexible office spaces on demand to connect and collaborate with coworkers when necessary. Generationally, digital natives demand the lifestyle afforded to digital nomads, something that 75 percent of Millennials would like to do more of. Millennials and Generation Z are also looking for increased employer flexibility about where and when they work, with staying connected being key to both their work and personal lives.

Digital natives have grown up with technologies such as smartphones and social media being the primary way they communicate with friends and coworkers. “For them, forming and conducting relationships with people through mobile technology tools and platforms is simply how the world is supposed to operate, including at work. These digital natives are also more likely to prioritize a sense of purpose when considering where to work and are often motivated as much by the desire to ensure their work has a positive impact on society as they are by more traditional measures of success,” states Microsoft.

Benefits of Working Remotely

In the last 20 years, the number of remote workers has quadrupled. And today 43% of all U.S. employees work off-site at least part-time, according to Gallup’s State of the American Workplace report. Research also shows that employees believe working remotely is not a productivity barrier with the majority of Americans believing that remote workers are just as productive as those who work in an on-site office.

Providing employees with the ability to work remotely benefits both businesses and workers. According to Microsoft, in addition to increased productivity, businesses save over $11,000 per remote worker per year on decreased real estate costs, electricity, staff turnover and absenteeism.

Enabling employees to work remotely also benefits the environment by reducing greenhouse gas emissions by 54 million tons per year, roughly the equivalent of taking 10 million cars off the road. With the average round-trip work commute standing at 54 minutes a day, employees who work from home can save the equivalent of 30 work days per year that normally would have been spent in a car.

Online Security for Digital Nomads and Remote Workers

As companies embrace both digital nomads and digital natives desiring remote teamwork and open information sharing, online security is becoming more critical than ever as organizations must plan to protect their digital assets and customer data in a new work world. With 85 percent of corporate assets already digital and more information existing outside of a company than inside a company due to the rise of cloud computing, an unprecedented rise in cyberattacks is taking hold.

In 2017, the number of security breaches more than doubled compared to the previous year. For businesses, the stakes are high as it takes companies an average of more than 99 days to discover a security breach and roughly 50 days to address the breach itself. A study of 65 public companies that experienced cyber attacks since 2013 found stock market valuations fell by as much as 15 percent in the most severe cases. And it is estimated that cybercrime will cost approximately $6 trillion per year on average through 2021. 

Even more critical is the potential impact on brand reputation and trust: data breaches that expose customer information can be devastating not only to a company’s reputation but also its balance sheet.

Identity as the New Perimeter

As the methods that malicious online actors use to attack organizations continue to evolve and increase in sophistication, organizations must stay ahead and deploy strategies to protect both their critical information assets and workers.

Organizations cannot rely solely on the traditional model of securing an organization’s perimeter, as identity itself has become the new perimeter due to digital transformation and remote workers, contractors, partners and suppliers all interacting with critical and private data across the globe on a daily basis. The need to identify who is accessing what information or online resource, and when, is quickly becoming a critical component of every modern cybersecurity strategy.

With more businesses adopting open and collaborative work cultures that embody the ethos of the digital nomad, they are also risking the security of their information assets by allowing the open flow of data across devices, people, and physical locations.

The future of work styles enabled by digital technology and cloud computing necessitates a new way to secure and protect information, as perimeters become porous and the only distance between an attacker and an employee or contractor is a set of access credentials. New security models must start with an individual’s identity to identify data and digital resource breaches at the worker level, so that breaches can be quickly stopped before they spread.

Companies today and in the future will need to deploy security solutions that maximize worker productivity while balancing the desire for digital nomads and digital natives to work and collaborate freely with coworkers globally. By providing remote workers, contractors, partners or suppliers with remote access tools and technologies that include critical identity access solutions, organizations will be able to protect not only their own information assets but also their workers’ data, devices, apps and resources any time, anywhere.

Beyond The Perimeter Podcast, Episode 05: Why AppSec is Key for Your Dev Toolbox

Listen to this podcast on iTunes, Spotify or wherever you find your favorite audio content.

In this edition of the Beyond the Perimeter Podcast, we discussed the Poshmark data breach and interviewed Avi Douglen from Bounce Security about application security risks.

Breach of the Month: Poshmark

On August 1, clothing marketplace Poshmark confirmed they had experienced a data breach. Poshmark is said to have some 50 million users.

The looted data includes customers’ full names, genders, cities, email addresses, linked social media profiles, and account passwords—but in a hashed cryptographic form. 

Due to the breach, the company is telling its customers to watch out for phishing emails, especially those that look like they are coming from Poshmark.

In a blog post by Poshmark, they warned their users with the following statement, “Be aware that Poshmark would not ask for personal information such as your login information or password in email communications. If an email you received asks you for this information, the email was not sent by Poshmark and may be an attempt to steal your personal data.”

In this episode, I talked to Avi Douglen to learn more about his experience in application security and why businesses should look into adopting an application security program internally. 

Not The Common Career Path to Security

There is no one true path to a career in cybersecurity. Some people will have the aspiration from a young age to work in security and some will learn on the go. In Douglen’s case, he was at the right place at the right time: “I actually kind of fell into it. I started my career doing software development of a product that I was working on and the security always seemed a bit dodgy. But whatever, you know. I’m a new programmer. What do I know about it? But then I got recruited to go work actually at the Israeli Police as a developer of security software, security infrastructure for all the very sensitive systems as I’m sure you can imagine. While I was there, of course, we’re developing security products. So I was part of identity management, permission controls and access controls before that was even a thing.”

Like many security professionals, Douglen gained his security experience on the go. “I learned from actually testing things out because this was back before security was so popular. There were so many things and it was like OWASP was barely starting and this was back in like 2001. I discovered all the security aspects as we went on and kind of as the requirements came from the field and from the developers that had their own requirements but we don’t know how to deal with these.”

Gaining this experience over time led Douglen to a career in application security. “I got recruited into a security consulting company and I came in knowing a lot about security requirements from the developer side. So from there, I kind of found my home so to speak in application security and software security.”

Application Security is a Shared Responsibility

When asked whose responsibility it is to conduct application security, Douglen commented that it’s a tough thing to answer. “That’s a really interesting question and I would push that back to say, OK, who’s responsible for the quality of software? Well, sure, it’s the organization and sure you do expect a developer to be responsible for the quality of the code they put out, right? Obviously you’re not going to hire somebody to write code if they don’t know how to write code. But the organization absolutely needs to support that. You need to have time and the right tools for application security. You need to have the education and process, methodology and it needs to really be treated – from my perspective, it needs to be treated exactly like the quality of software and it’s one aspect of quality. You can’t be an excellent programmer if you’re not also doing security. It really comes down to how you’re producing software.”

Douglen believes that it’s not only on the developers who are actually writing the code. “I don’t think it should all be on the developer side, not at all. But it definitely needs to be one part of it. There are definitely organizations and there are developers that try to push the code out as fast as possible and don’t really care about bugs or passing tests or even if it really works. You know, if it compiles on my machine, I will push it to GitHub, right? On the other hand, obviously we can’t fault all on the developer side because not all software security is in code and I really think that security just needs to be one other aspect of everything that everybody does. So DevOps folks are doing DevOps and security needs to be part of it. Their pipeline needs to be secure and if they’re doing unit testing and things like that, they obviously need to be security unit testing.”

Organizations Still Have Room For Growth With AppSec  

When asked whether organizations are more equipped with application security, Douglen commented that it depends on the organization. “There are two completely different types of organizations and you really can’t correlate them. Some of the more mature, more responsible, more security-minded organizations will distribute across the graph as you would expect and some of them are early in their journey and some of them don’t have a full program and some of them do, some of them are more evolved. On the other hand, some that you would expect to be more evolved and have a full program don’t necessarily and they never will and even if you try and push it into them, it will not succeed and just too much heavy decades of legacy, legacy of code, legacy of process, legacy of people sometimes, that you – that will never change. So breaking it down to your question, I would say it’s a tough question because I think most companies are not where they should be. Many are on the right path.”

Douglen highlighted the importance of open source security tools as something that developers at organizations can start adopting in their application security toolbox. “There are some great static analysis products called SAST, static application security testing, which basically is an automated way to scan your code and these are great and you got some tools which will monitor your dependencies and your components. Open source components can have a known vulnerability in one of the versions of the components that you’re using and usually, most products will have several dozen dependencies, external dependencies at least in a trivial application. Sometimes it could easily be hundreds or more. So there are some great tools out there. I just saw one of the vendors come out with an open-source plug-in for a Visual Studio Code that will monitor in code and it will tell you that this library actually has vulnerabilities. You should upgrade or use a different library.”

Huge Advocate of OWASP Projects 

Douglen is extremely active in the OWASP community, and in his spare time he takes part in his own OWASP project. When asked which projects he recommends listeners check out, the list goes on. “There are a bunch of great projects out there. I am part of a sub-project which is a Threat Modeling Cookbook, which is starting to put out a whole bunch of “recipes,” kind of like threat patterns. So if you put in a bunch of Docker microservices. Then there’s a set of threats that you need to consider and take care of and you don’t need to spend two days of threat modeling this infrastructure and you have a set of common standard mitigations that you can use without having to consult the security expert. So all these things is – that’s where we’re headed to try and create that and flesh that out.”

OWASP has an endless amount of free projects for developers and security experts. When asked which projects Douglen recommends listeners check out, the list goes on. “There’s a lot of great projects depending on where you’re coming from. First I will call out to OWASP ZAP. That’s an interactive proxy which does a lot more than that. Not only does it monitor and intercept any requests being sent between your browser and the server. It has a lot of dynamic attack functions. So it would kind of test your web application as you’re testing it and it supports a great API. So you can integrate this and I know a lot of QA teams and DevOps teams that have integrated this in automated tests and yeah, you can definitely invest and get a great commercial product, web scanners, you know. But this integrates better than some of the other products out there and the ZAP API is great.”

Douglen also recommended how noobs can get started with OWASP projects. “Go to OWASP.org, click on projects. You get a whole library of projects there. Another project that I really like especially for people starting to discover this field of application security is what’s called the OWASP Juice Shop which I say is the best place to never ever, ever, ever buy juice online. It’s basically a modern webshop to buy juice except that you never actually get the juice. What you do get is a whole bunch of built-in vulnerabilities, which are common for modern applications. So it’s great for exercising, for learning and for practicing different vulnerabilities and finding out how SQL injection works and how cross-site scripting works and dozens of others. It’s one of the best capture-the-flag apps out there.”

To hear the entire interview with Avi please listen to the full podcast here. You can follow Avi on Twitter @sec_tigger. To sign up for OWASP Appsec Israel visit https://appsecil.org/

If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on iTunes or wherever you listen.

The Real Estate Industry as an Unexpected Target for Hackers

Over the past decade, companies in the technology, government, finance, and retail industries have become a common target for cybercriminals, but additional – and less obvious – industries are at risk as well. One of these unexpected targets is real estate, which has recently grabbed the attention of hackers as a source of data that’s easy to dip their fingers into. 

The real estate industry does not immediately bring to mind data security, password management, or networking. However, it is important to consider the amount of personal data stored in the networks of real estate firms. Between contracts, personal information, bank accounts, and other details – data floating around the real estate industry is much more valuable (and exposed) than previously assumed.

Real estate companies and agents often work online with housing listings and hosted real estate systems. While these systems offer many modern benefits for real estate agents, they also increase the exposure to different security risks including outdated software, limited password policies, and system vulnerabilities. While these systems are critical for real estate agents to do their job, they must consider the different security risks that can threaten clients’ data and personal information. 

The average real estate agent or employee does not consider the security risks that come along with their job. In order to protect their clients’ information, it is important that real estate workers understand what they can do to avoid falling victim to a cyber attack.

Why is the Real Estate Industry an Attractive Target? 

[Infographic: image from One Step Secure IT, 2018]

The real estate industry accounts for a large number of financial transactions that involve sensitive information. This information tends to include bank account numbers and the buyer’s personal data, held in real estate systems hosted in the cloud. With a large amount of sensitive data on the cloud, hackers are finding real estate data is more accessible than ever before.

The most famous attack on the real estate industry occurred in 2019 with a data breach of real estate and title insurance giant First American. The data breach exposed the sensitive financial data of over 885 million customers. This is just one example of recent attacks on the industry. With a market value of over $32 trillion, the real estate industry is a ripe target, which makes it clear why hackers are attracted to this sector.

Hackers take the time to research the ins and outs of their targets. When attacking targets in the real estate industry, they run phishing campaigns to gather personal information in order to exploit the different accounts of real estate agents, sellers, buyers, and anyone involved in the sales process. After gathering the requisite information, hackers might simply wait until the sale of the property is final, and when it’s time to transfer funds they will imitate the person they have compromised and redirect the funds into their own accounts.

Easy Targets to Attack 

Many real estate companies are not up to date with the most recent security risks, which can make them an easy target for hackers. In general, the real estate industry is less security-minded than other industries, lending itself to a weaker security posture. 

Whereas governments and financial regulators enforce some level of compliance or security policy on various sectors, the real estate industry has relatively less oversight and has not entertained any law requiring relevant companies to adopt policies to protect their clients’ data or their network systems and resources.

Even with regulations in place, merely implementing security policies isn’t enough for real estate businesses. Unlike other industries that have been dealing with cyber attacks for years and are more prepared against attacks, the real estate industry is far from safe and must do extra reinforcement. 

Most real estate firms still run their infrastructures on outdated network solutions that are not cloud-friendly. These systems don’t have the modern security features in place to fight off more sophisticated attacks.

The systems, and how to revamp them, are not the only problems that real estate players face. They must also be aware of the popular types of attacks that hackers use and how they can direct their resources to defend against them:

Business Email Compromise

The most popular attack used by hackers on real estate companies is a business email compromise (BEC) attack. A BEC attack convinces businesses to wire funds to an account by impersonating the business (in the case of real estate it would be the sellers of the property). In most cases, the hackers will send an email from a fake account that looks similar to that of an employee in the business. Often they will use the name of the CEO or the name of the trusted party in the transaction. According to the FBI, over $3 billion of losses have been due to business email attacks.

Ransomware 

Cybercriminals send out malicious emails to victims with the sole intention of getting them to click on a link in the email. If the person falls victim, the hacker can easily encrypt all of the victim’s data and resources. A successful ransomware attack results in blocking access to the exploited data and resources, making them unusable until the ransom is paid to the hacker. Real estate is targeted frequently with ransomware attacks due to massive amounts of employee data, significant sums of money in bank accounts, and confidential information that can be exploited.

Cloud Vendor Flaws

Real estate businesses are following the popular trend of adopting cloud-based services for hosting corporate resources on the cloud. While the cloud offers many benefits, it does come with some security risks. Cybercriminals won’t need to attack your business to gather your sensitive information; instead, they can target cloud vendors to access your data. By adopting a cloud service provider you might think you are decreasing security risks, but in fact organizations need to take extra steps internally to stay secure. Stay up to date with securing business devices and enforce strong password protection.

Looking Forward

It is important for the real estate industry to understand the risks involved in storing sensitive data without proper security precautions. For the employees who are leading IT and security efforts at real estate firms, it’s vital to think about security on a daily basis and learn to face the ramifications of a poor cyber security policy. Not doing so risks the erosion of the industry and also faith in one of the strongest and most foundational markets in the world.

Perimeter 81 Surpasses 1,000 Customer Milestone

We are excited to announce that we have surpassed a long-anticipated milestone: There are now 1,000 customers using Perimeter 81 to secure their networks. Our company has witnessed tremendous 500% year-over-year growth and has tripled its customer base in less than one year.

Customers have expressed that they appreciate our service for its intuitiveness, ease of deployment and high scalability. We truly see our customers as partners in building our product, and we believe this has been our real growth engine. 

When we launched our Secure Network as a Service in 2018, the majority of our initial customer base was tech and SaaS companies. Early adopters of cloud and mobile, tech organizations were onboard with our innovative solution from the start. As the shift to cloud and remote work became more widespread across all industries, even before COVID-19, we were able to roll out our platform to relevant sectors and fields. 

Now, we serve customers in a range of industries with our clientele comprising 38% tech companies, 10% healthcare, 9% in the finance sector, 6% consulting services, and the remainder in retail, media, education, government and more.

With remote work as the new normal and our collective status quo for the near future, more businesses have realized the continuity plans they have in place aren’t equipped to safeguard against new and evolving security risks for remote workers, or resilient enough to sustain operations through another potential outbreak. We’ve come prepared with a solution that will drive us moving forward.

Gaining Momentum Towards SASE

The typical organization’s network is more complicated than ever, and traffic through these networks is increasingly convoluted, with data flowing between local resources, cloud applications, and mobile devices in rapid succession. As resources are now more present in the cloud than on-premises, IT teams have enlisted a bevy of tools to regain the network visibility they need to ensure security. These are numerous, and while they may be able to together provide visibility, orchestrating and managing them is difficult and unwieldy. 

Accordingly, for the past year we have been working tirelessly to build out a holistic SASE solution. SASE (Secure Access Service Edge) is a new converged solution for network and security services. While the term was only recently introduced and coined by Gartner in August 2019, Perimeter 81 is already considered by industry participants to be winning the “SASE space race”. 

SASE enables IT security solutions to provide a more holistic and agile service for business networking and security. By offering a unified security solution, we are simplifying the consumption of network security for organizations of all industries and sizes – and this is shown through our expanding customer base. 

Looking to the Future

While COVID-19 will not last forever, the technologies adopted during the pandemic will continue to be used far into the future. Many businesses that previously did not have the option for employees to work remotely or from home can now allow their workforce to remain remote if they choose, as employees can securely connect to the organization’s resources through Perimeter 81. We are proud to help businesses continue functioning productively and securely through these times and into the future. 

It is time to look past the legacy hardware solutions and look into the future with a more secure and modern approach to network security. Organizations are relying on Perimeter 81 to continue working securely from home, with our cost-effective, cloud-based, highly-scalable solution. We are helping organizations of all sizes and in many industries work through these trying times and continue to use our services well into the future and we are grateful to our 1000+ happy customers who are along for the ride. 

Looking forward to celebrating many more milestones together,
Amit and Sagi
Perimeter 81 Co-founders

Webinar Recap: Criminal Evolution in the Age of COVID-19 & How Organizations Adapt to the New Normal

Remote work is here for the long run, and as businesses adapt to the new normal, hackers are also adjusting to – and taking advantage of – this new status quo. The COVID-19 pandemic has changed the way we work by transitioning most of the workforce to be remote and turning our homes into offices. This shift has seen hackers and cybercriminals modify their approach and adapt their hacking methods accordingly. 

The combination of rapid cloud adoption, BYOD, and remote work have opened the door to new breaches and hacks. This requires organizations to transform their defensive playbooks and to better understand how hackers are utilizing the crisis for data theft. Recognizing how criminal business models have evolved is key to protecting our data and resources in the present. 

In early September, security researcher and “friendly hacker” Keren Elazari joined Sivan Tehila, Director of Solution Architecture at Perimeter 81, in a discussion about the evolution of security threats and cyber crime in our new remote work era. From Zoom bombing to account takeovers, access mining and phishing, Keren and Sivan shed light on emerging security threats and shared practical ideas on how to build a more secure future for your organization. 


What new security threats and trends have developed over the past 5 months of working remotely? 

Keren kicked off the discussion by explaining that during the pandemic, criminals have amped up their activity. During the pandemic, we saw how adaptable hackers really are. Once a specific region was hit with COVID-19, cybercriminals hit those areas with phishing, malicious emails, contact tracing apps, etc. They have been following the pandemic and capitalizing on it. Keren also discussed access mining, AWS mining, malware, ransomware, island hopping, and more developing trends. Sivan followed up with examples from current events and trends from the industry. During the pandemic, more organizations have been adopting cloud-based solutions and rethinking their business continuity plan, especially healthcare and educational organizations that have been a hot target for hackers during the pandemic. 

What are some things that we should understand about the way a hacker’s mind works? 

Keren discussed how hackers are curious and constantly striving to find ways to use tools and processes in an unexpected way. For years, hackers have been “living off the land” and utilizing resources that they access in order to exploit them, especially during the pandemic. Keren gave examples of opportunities from within an organization that hackers leverage for their advantage. Additionally, hackers are finding ways to have more interaction with their targets in order to craft their attacks.  

Now that home is the new office, what does this mean for IT Managers, organizations, and employees?

In our new normal, the responsibility to secure our networks falls on all employees as well. Sivan explained that IT Managers must have a strategy in place in order to deal with the challenges of remote work, as well as make adjustments to their security training in order to find a balance between realistic security requirements from employees and the appropriate enforcement of policies. Attackers are becoming more sophisticated but when we use different layers of security, we can help protect our data and networks. IT Managers should adopt unified solutions that give them control and visibility of their network and users in one place, in order to simplify managing employees remotely. 

How has the rushed adoption of cloud computing and storage brought about more ways to exploit network vulnerabilities? 

Continuing from the previous question, Sivan discussed dark data and a lack of awareness of where remote employees are storing their data. When moving to use cloud-based infrastructure, it is important to map out assets and prioritize security goals based on this map. When using the cloud, we use more applications and remote protocols in order to access data, so we must manage this remote access with the correct encryptions and protocols in order to avoid hackers exploiting our networks.

Keren expounded on how the land has expanded for cybercriminals – infinite computing power that they can leverage. When working from home, there are additional devices that we are using and that are additional entry points for hackers. After providing some recent examples of vulnerabilities in existing systems, Keren explained how criminals are aware of the way we are using various tools and software. 

Moving forward, how should organizations set up a business continuity strategy for cybersecurity? 

For the final question, Keren discussed multi-factor authentication and the need to eradicate passwords. We can take this pandemic as an opportunity to improve our security posture, throw old practices such as passwords out the window, and move on to more modern and more secure technologies. Sivan added the importance of going back to the basics and asking ourselves what type of adjustments we need to apply – how we identify a threat, how we protect our networks, and what new layers of security we need to adopt in this day and age. In the past we protected the perimeter; now we have to protect not only the outside but the inside of the network as well, with micro-segmentation and different security layers.

After an exciting discussion with insights, examples, and tips, the panelists moved on to answer questions from the audience. If you were unable to tune in live but still would like to address questions to the speakers, feel free to reach out to us on LinkedIn, Twitter, or Facebook.

About the Speakers

Keren Elazari is an internationally recognized security analyst, author and researcher. In 2014, Keren became the first Israeli woman to speak at the prestigious TED Conference. Keren holds a CISSP certification and a Masters in Security Studies, and is currently a senior researcher at the Interdisciplinary Cyber Research Center at Tel Aviv University. Keren is the founder of Israel’s largest security community, BSidesTLV, part of the global SecurityBSides movement, and the Leading Cyber Ladies global professional network for Women in Cyber Security.

Sivan Tehila is the Director of Solution Architecture at Perimeter 81. Sivan is a cybersecurity expert with over 13 years of experience in the industry, having served in the IDF as an Intelligence Officer and then in various field positions including Information Security Officer and a cybersecurity consultant. For the past two years, Sivan has dedicated herself to promoting women in cybersecurity and founded the Leading Cyber Ladies community in NYC.

 

Business Continuity Planning: 5 Actions CISOs Need to Take Now

Organizations around the globe are engrossed in one of the major network revolutions of all time. The COVID-19 pandemic forced organizations to quickly adapt to different challenges over the past six months. With the sudden transition to working from home, organizations were required to rethink their digital strategy in order to deal with the new normal.

Remote work policies are changing the way we work. As new remote technology is introduced into the organization strategy, it’s important for the entire organization to understand the importance of how it affects their daily work routine. 

With the changes in technology and the location of the working environment, the organization’s management team needs to think about the different challenges facing them. One of the more important but less headline-grabbing threats that all businesses need to think about is their business continuity plans.

Business continuity means having a plan for how a company deals with serious incidents and disasters, so that the business can resume functioning within a reasonably short period. In the case of COVID-19, most organizations were unprepared for this unprecedented shift to remote work, something they had not previously considered and therefore had not included in their business continuity plan. Too often, business continuity plans are either overly technical or too high-level for the average employee, which usually results in a lack of actionable items to implement.

Now that we are currently over six months into the new reality and remote work is inevitable for the foreseeable future, organizations should be updating their BCPs. Chief Information Security Officers (CISO) and Chief Information Officers (CIO) have invested time and responsibility in the effectiveness of their business continuity plans. In today’s day and age, a cybersecurity strategy is an integral part of keeping businesses running while workers are remote. 

In order to gain insights into actions that CISOs can take to improve their organization’s business continuity plan, we spoke with experts who gave us their top tips. 

Be Involved In the Process But Delegate

Business continuity is an essential part of the survival planning for every business and organization. Too often it is erroneously assigned to the Information Security leader when in essence it is a business project and process that involves the key decision-makers in the C-Suite. Of course, a good CISO needs to be involved in the process, but should not own it.

“Any viable Business Continuity Plan must be tied and coordinated with a Disaster Recovery Plan. Essentially, a business must go on regardless of any type of interruption. If that requires manual systems to be brought up and be put into place, which is sometimes the case, then a good contingency plan to do this must be well-thought-out and everyone needs to know their part. Building a Business Continuity Team is the important first step, and it must include sponsors at the decision-making level. Additionally, the CISO, CIO, CFO, Legal, Human Resources, and Risk also need to be on this team.” – Richard Greenberg, Founder and CEO of Security Advisors LLC.

Make Sure Recovery Locations Are Useable

One of the biggest lessons people have learned during the pandemic is that business continuity planning needs to account for the fact that the recovery location(s) might also not be usable. The option of working from home was always viable but it was assumed by business continuity planners to be only a few employees and not the entire business. 

“COVID totally put that idea out to pasture. The idea that everyone would have to work from home was a total game-changer. Organizations were caught without equipment to make WFH viable thus having to rely on bring your own device (BYOD) which brings a lot of potential risks as well as finding ways to minimize and manage those risks. Some had to re-engineer multi-factor authentication (MFA) to allow for use of Google and Microsoft Authenticator solutions by their employees. They found that their infrastructure was unable to scale, even in the cloud.” – Jeff Hall, Senior Manager of Auditwerx.

Don’t Forget Security

An effective business continuity plan enables employees to continue their work safely and effectively, no matter the circumstances. When working from home, cybersecurity should be one of the main aspects of the continuity plan. 

“To make security stringent your company should follow basic and advanced cybersecurity measures. Always prefer using a secure remote access solution as it provides you with security and privacy over the internet. Similarly, always encourage using systems issued for office work only. Additionally, make sure that your official documents are only shared with the restricted persons; this way no irrelevant person will be able to open it even if it’s shared over email.” – Shahid Hanif, CTO and Co-founder of Shufti Pro.

Educate Your Employees

Educating your employees about the new security protocols and technology being implemented is an integral part of business continuity. This requires more than just a single briefing, but instead, a regular and ongoing plan of educating employees. 

“With everyone working remotely, it’s a mistake to suggest that the business security only falls on the IT and security teams. Organizations should schedule a virtual security session to prepare employees with the new tools and protocols that the business has implemented. Additionally, security teams should educate employees about the different security risks and attacks that are on the rise with everyone working from home. By educating your staff you will be one step ahead of potential attacks and risks inside your organization.” – Sivan Tehila, Director of Solution Architecture of Perimeter 81.

Test Business Resiliency Capabilities

Given the new and possibly unique user requirements of working from home under the current circumstances, are the real-time operating systems and recovery point objective determined in a pre-COVID world still reasonable, logical, and appropriate under the current operating conditions?

“By continuously testing your ability to recover critical business processes with your entire recovery team not being physically in the same location you will be more as a business. I suggest that you check if you can effectively coordinate your recovery team and individual assigned duties via communications tools such as Zoom and Webex. Additionally, you need to check if individual recovery team members have, at their home locations, sufficient Internet capacity to coordinate recovery activities (with multiple other company employees), while at the same time competing for local bandwidth with other in-home Internet capacity demands.” – Al Marcella, President of Business Automation Consultants.

Moving forward 

While COVID-19 will pass, the different actions and experiences can help businesses moving forward. With the right business continuity plan in place, you can provide transparency with your business in the case of recovery should another pandemic or emergency occur. The stronger the business continuity plan, the fewer the future headaches.

Don’t Neglect SASE’s Impact on Network Performance

In the end-of-2020 cybersecurity word cloud – a swarm in which floats the most frequently seen, heard, and spoken words in the industry – one four letter acronym will appear bigger and bolder than all the rest: SASE. When discussing Secure Access Service Edge, most of the excitement surrounds its unifying characteristics and how IT finally has a consolidated tool for both networking and security from the cloud.

SASE will improve security and make it easier to achieve, but along with this simple idea comes other benefits. Anticipated less frequently (given that these solutions aren’t being widely consumed yet) is how SASE also delivers better performance across the organization in terms of throughput and productivity. Performance is a complement to the security delivered to companies, thanks to multiple factors including SASE’s presence on the edge, its low-touch quality in terms of IT effort, and the clarity it brings to networks.

A Measurable Network Boost

A central tenet of SASE is that the network is no longer organized around resources that are held in the headquarters, so security needs to match this arrangement. SASE therefore exists in the cloud where its network security functions can be easily integrated into both local and cloud architecture, and managed from a single panel. 

Key to the networking chops of SASE is that providers with a global backbone of data centers are able to put resource access portals closer to where employees and branch offices reside. Instead of every employee connecting to the same resource through a single point, they can do so with their individual devices through gateways nearby. This offers employees around the globe lower-latency access to the tools they need for work.

Speed is increased further due to the lower amount of network congestion that occurs due to SASE’s user-focused access policies. Because it’s built on SD-WAN, organizations using SASE for distributed, secure remote access are able to also create custom rules for certain sources of traffic. This reduces the bandwidth allowed to low-priority users or guests on the network, for example, and it all happens with rules that trigger based on granular qualifiers such as location, device, role and more. With the visibility that SASE provides over network endpoints and resources, it’s easy to “direct traffic” autonomously and efficiently.

Finally, since SASE is a unified solution, customers of a single SASE provider such as Perimeter 81 have multiple choices even within individual security tools. For example, if a company’s network is seen to enjoy faster connection times and lower latency while using the WireGuard encryption protocol, instead of the IPSec or SSL protocols available with other vendors, then they can freely switch to it or even create rules that determine under which traffic conditions these various protocols are applied.

For IT and Employees, SASE Aids Productivity

With traffic controls, segmentation, better visibility and local gateways pushing resources to the edge, it’s no wonder that networks on SASE run seamlessly and smoothly. However, that’s only half the equation. SASE also reduces costs and simplifies the processes that IT engages in, which improves departmental performance significantly.

IT employees no longer have to navigate several different misaligned security solutions each with various ways to control access – they need only to login to their centralized SASE panel, on which all functions related to networking (access policies, segmentation, creation of users and groups, traffic rules, gateway building etc.) and security (enforcement of tools like 2FA, DNS filtering, encryption etc.) reside. 

The sheer amount of time saved maintaining, patching, configuring, and returning to the same tools every time the organization adds a new resource or user is astounding. Not only does this cut costs in terms of the raw number of solutions managed by any organization, it also cuts the burden of time invested from IT’s side, and gives IT managers more leeway to assign proactive, performative, and potentially profit-seeking IT activities to their staff.

With SASE as a multitool – almost a Swiss Army knife of network and security functionality – organizations can clean house and quickly consolidate the various security vendors and subscriptions they used to consume. Suddenly having the same total utilities but concentrated into one tool is a self-explanatory advantage, but the residual benefits – mostly performance related – will be more visible as SASE gains market share.

Beyond The Perimeter Podcast, Episode 04: Your Security Strategy Is Only as Strong as Your Security Hygiene

Listen to this podcast on iTunes, Spotify, or wherever you find your favorite audio content.

In this edition of the Beyond the Perimeter Podcast, we discussed the Promo.com data breach and interviewed Sivan Tehila, our very own Director of Solution Architecture,  to gain her insights about security hygiene. 

Breach of The Month: Promo.com

On July 21st, Israeli marketing video creation site Promo.com announced that a database, which contained over 22 million user records, was hacked and leaked for free on a hacker forum.

The data included users’ email addresses, names, genders, and geographic locations and, for 2.6 million of the users, their passwords. The leak included 1.4 million cracked passwords, meaning passwords that have been decrypted and can immediately be used by attackers.

After the public leaking of their database, Promo.com announced a data breach notification saying they became aware of a vulnerability on a third-party partner’s service that affected their data. If you are a customer of Promo.com, I suggest you should immediately change your password to one that is strong and unique.

If you use that same password on other sites, it is strongly advised that you change your password to a unique one at those sites as well. A password manager can make it much easier to use unique passwords at every site and is highly recommended.

In this episode, I talked to Sivan Tehila to get a better understanding of the importance of proper security hygiene and why it’s a shared responsibility between employees and organizations. 

Military Experience Shaped Her Career

Many career coaches will bring up the idea that your life experiences will help mold your professional career over time. This was especially true for Sivan when it came to her time in the IDF. “I started my security journey in the Israeli Defense Forces as a cybersecurity specialist. If you would ask me before I joined the army, if I would work in cybersecurity as a career, I would say no way. But thanks to the IDF I was exposed to the fascinating world of cyber and the fact that I had a chance to participate in cybersecurity operations and to get that perspective from the army, I fell in love with the dynamic profession. It makes it even more interesting to me and that’s why I love the cybersecurity world, that no day looks like the day before.”

When asked which cybersecurity tendencies she uses in her day to day life in cybersecurity professionally, Sivan discussed how people need to embrace the day to day uncertainty in cybersecurity. “The fundamental thing in cybersecurity is to understand that no day looks the same as the day before. By people understanding and embracing uncertainty it will help them to manage their day to day life.”

Sivan believes the same approach should be taken when it comes to cybersecurity strategies. “I believe that by building a cybersecurity strategy, it’s the right thing to do before you start any project in cybersecurity. You need to understand the environment, threat factors and the attack factors. By having a better understanding of the situation, you will be able to manage and build different solutions for each environment while still being able to operate in such a dynamic environment and responding in real-time in case of an incident. We’re seeing it now with the current situation with the pandemic and the fact that many companies are practicing for the first time their business continuity plan.

“If you have a strong strategy and an updated business continuity plan, you could succeed and get over this crisis. But if you don’t have it, it just takes more time and more effort to be able to overcome this challenge.”

Organizations Are Not Thinking About Security  

The lack of security hygiene among organizations and their employees isn’t new, especially when it comes to modern cybersecurity. According to Sivan, the current pandemic highlighted most organizational security mistakes. “When COVID-19 came most companies focused more on the communication between their employees and the company and less on security. Organizations were more worried about how they could communicate via Zoom. I think many of them left the security procedures behind and when they understood that they had to worry about security, for some of them, it was late. It was the regulations that enforced them to apply security procedures and policies.”

When asked about where she learned her security insights and how organizations can implement them, Sivan mentioned how most organizations lack security awareness. “I experienced many security incidents during my service in the army and when I worked for different defense industries in the private sector. The most common issue I experienced was that most organizations lack cybersecurity awareness. The best way to learn and improve awareness is by building a stronger security strategy. An example I experienced was when I built security campaigns and I created a phishing campaign in one of the companies that I worked with. When I scheduled a phishing campaign and I got an email the morning later with the campaign that I created and I did such a great job. So I was the one who clicked the phishing email. I think that was a moment when I understood that it can happen to everyone and that we all are vulnerable.”

Security Hygiene at the Forefront 

When discussing if employee security hygiene is strong, Sivan commented on how employees need to be properly trained. “I think it’s an ongoing process. I mean it’s never enough to just do one time an awareness workshop in a company. It’s something that you need to train your employees all the time. Awareness is something that you should build over time while you need to make sure you keep your employees aware.

“In order to make sure your employees are up to date, training is not enough. For example, organizations should run quarterly phishing campaigns and quarterly workshops that remind employees all the time that security and hackers never sleep. Security awareness has to be always in their mind.”

Sivan emphasized how hackers easily trick employees. “My prevention tips for employees are they shouldn’t just click on a link or open attachments from emails you are not expecting or from unknown senders. Even if you know the sender, still check it twice. Make sure that the sender is someone you know and you were expecting to get that email. Check the URL of the sender to make sure that it’s a legitimate address and remember that companies like banks and the government won’t put a web link in their email to you. They will usually instead advise you to visit their web page and log in through the web page.”

To hear the entire interview with Sivan please listen to the full podcast here. You can follow Sivan on Twitter @securitywitch

If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on iTunes or wherever you listen.

Profile of a Cybercriminal: Cryptocurrency Attacks

 

It’s true that data has value – just look at Google and Facebook’s business models – but blockchain and cryptocurrency take this idea literally. Cryptocurrency is a literal term because for its hordes of users, cryptography fulfills many of the characteristics that are required to define a “currency”, such as verification of ownership and transferability. Data’s value, on the other hand, comes from the information it holds.

The cryptocurrency model has worked so far, and so naturally, people want to steal it as much as they do data or paper money. Metaphorically, hackers might perpetrate a smash and grab job to steal an organization’s data, but cryptocurrency can sometimes involve more subtle attacks of a different kind – even if the company doesn’t have any cryptocurrency in the first place. Learning to recognize these attacks and others is vital for achieving a proper security posture.

A Blockchain Breed of Cyber Threat

Thanks to blockchain’s unique style of decentralized networking, companies will encounter a new type of attack that isn’t the outright theft of data, a DDoS attack, or something similarly brash. It revolves around the core idea of decentralization that defines blockchain:  that computing power needed to serve users of blockchain websites or apps isn’t generated by a server on the grid. Instead, it’s shared between participants – ideally regular people who use their own computers to support the network.

But hackers exist to turn innovations into weapons. They’ve begun designing attacks that hijack remote PCs to do this, even corporate endpoints, and these attacks connect affected PCs to the blockchain, enslaving them in service of the chain. Crypto mining scams steal a small, nearly untraceable amount of CPU power – even from an employee’s mobile device – and essentially donate it to a blockchain that then rewards the hacker with cryptocurrencies that are then sent to their wallet.

Employees don’t even have to download anything – merely browsing the wrong website is enough. The popular CoinHive program, for example, can steal power from tens of thousands of PCs at once, and stays active even when users close their browser windows. Once a person lands on an infected website, it opens a tiny window hidden under the Start icon on the Windows OS desktop, so CPU power continues to be siphoned off even if the main window is closed. 

IT teams can defend against drive-by crypto mining with a two-pronged approach that uses both DNS filtering and advanced network monitoring utilities. The first line of defense is the DNS filter, which can proactively block sites that are known to be infected or those likely to be (using “bitcoin” as a blacklisting keyword, for instance). Monitoring can then keep a close eye on bandwidth usage over the network, ensuring that all network bandwidth is being used for the company’s benefit.
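The DNS-filter prong described above can be sketched as a small decision function run over a resolver log. This is an added example, not Perimeter 81's code: the log format, the blocklist entries (placeholder `.example` names, not real indicators), and the function names are assumptions; only the "bitcoin" keyword comes from the article.

```python
from collections import Counter

# Constructed blocklist standing in for "sites known to be infected".
BLOCKED_DOMAINS = {"miner-pool.example", "cdn.webminer.example"}
# Keyword taken from the article; substring matching is deliberately broad.
BLOCKED_KEYWORDS = {"bitcoin"}

# Constructed resolver log lines: "<timestamp> <client-ip> <query-name>"
SAMPLE_LOG = """\
2020-09-01T09:00:01Z 10.0.0.12 www.intranet.example.
2020-09-01T09:00:02Z 10.0.0.12 WS01.Miner-Pool.Example
2020-09-01T09:00:03Z 10.0.0.31 notminer-pool.example
2020-09-01T09:00:04Z 10.0.0.31 free-bitcoin-widget.example
2020-09-01T09:00:05Z 10.0.0.44 news.example
2020-09-01T09:00:06Z 10.0.0.12 static.cdn.webminer.example
malformed line
"""


def normalize(name):
    """Lowercase and drop the trailing root dot so comparisons are canonical."""
    return name.strip().lower().rstrip(".")


def verdict(name):
    """Return (action, reason) for a single query name."""
    name = normalize(name)
    labels = name.split(".")
    # Match the blocklist on whole-label suffixes: this catches subdomains of a
    # blocked domain but does not catch look-alikes such as "notminer-pool.example".
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKED_DOMAINS:
            return ("block", "domain:" + candidate)
    # Keyword rule: blocks any name containing the string, including
    # legitimate sites, so hits deserve review rather than blind trust.
    for keyword in sorted(BLOCKED_KEYWORDS):
        if keyword in name:
            return ("block", "keyword:" + keyword)
    return ("allow", "")


def scan(log_text):
    """Filter every log line; return blocked events and a per-client hit count."""
    events = []
    per_client = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing the whole scan
        timestamp, client, qname = parts
        action, reason = verdict(qname)
        if action == "block":
            events.append((timestamp, client, normalize(qname), reason))
            per_client[client] += 1
    return events, per_client


if __name__ == "__main__":
    blocked, hits = scan(SAMPLE_LOG)
    for event in blocked:
        print(*event)
    # Clients with repeated hits are the endpoints to check in network monitoring.
    print(hits.most_common())
```

The per-client count is where the two prongs meet: an endpoint that keeps hitting the filter is the one whose bandwidth and CPU usage the monitoring side should examine first.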

Crypto Scam Defenses Combine Old and New

In a reversal, attacks might be perpetrated from your network and not against it. An employee might mine on his or her company laptop, or if they were especially malicious, use company resources like the website to purposely infect visitors’ or users’ PCs to mine coins. This may have been the case with popular tech support tool LiveHelpNow, a widget which was installed on thousands of customers’ networks to provide their users with easy access to support – but also secretly provided one malicious hacker with a personal stash of Monero coins.

The Zero Trust security approach, achievable with software-defined networking tools, contains elements that would help identify strange network behavior but also institute least-privilege permissions to employees. These would filter who gets access to specific resources on the network. If LiveHelpNow had a rogue employee compromising its product, perhaps limiting access would have stopped them from sneaking in code that affected customers.

For organizations, it’s also important to remember that not all cryptocurrency attacks are this subtle theft of processing power; there are also the more noticeable and devastating network breaches, like those meant to steal data. Some of the biggest ransomware attacks infiltrate the network and encrypt important files. They make themselves known by demanding a ransom in cryptocurrency to unlock access to the files, but a classic cybersecurity defense is effective against these events: firewalls, backups, and traffic encryption.

Ransomware can easily make its way into the network when a remote employee connects to resources on an unmanaged device or through an exposed Wi-Fi connection, so enforcing VPN use is the bare minimum. Users shouldn’t be able to access resources without encryption, and firewalls are helpful in identifying suspicious traffic and deterring it. Finally, regular backups and patching go a long way to making ransomware attacks harmless – backups mean that data ransoming is pointless, while patching prevents the biggest OS exploits, much like with the bitcoin-rich WannaCry worm, which took advantage of weaknesses in Windows 7 and 10.

A Blockchain Re-education

Only a comprehensive security model, one that’s classically equipped but updated with new training against its new foe, is capable of claiming confidence against cryptocurrency scams. From new types of attacks to familiar ones that have an alternate purpose, organizations should ideally go for a multilayered approach in order to put their concerns behind them. Educating employees, as it is with non-crypto attacks, is vital as well.

The decentralizing ideas that define cryptocurrency are all about empowering individuals, but unfortunately, the wrong individuals can feel empowered as well. It’s useful to remind employees how to resist temptation and improve their habits, and also to prepare networks for a younger generation of attacks that manipulate them in new ways.

An Exciting Announcement: Perimeter 81 Raises $40 Million in Series B Funding Led by Insight Partners

Today truly marks a milestone for Perimeter 81.

We are so proud to share the news that we have raised a Series B round of $40 million, led by a premier VC and private equity firm, Insight Partners with the participation of Toba Capital and our existing shareholders. The financing represents a giant leap forward in our efforts to simplify and modernize the way businesses consume cyber and network security.  

It will help support our rapid growth and accelerate our hiring and development, it will further our disruption of the traditional VPN and Firewall markets and most importantly, it will allow us to create the best possible service for you, our valued customers and partners.

We’d like to take this opportunity to reflect on the past and look to the future —  sharing the vision that has driven us so far, and our hopes and aspirations as we move forward.

It All Started with a Vision for Change

Back in our early days as startup founders, when we were working part-time at large enterprises, we had to deal with outdated and complicated network technologies on a daily basis. These were the only choices available to securely access corporate resources. And while these tools were so critical to maintaining employee productivity, they were also incredibly difficult to use.

The first company we founded was a personal VPN service that allowed consumers to browse securely and privately over the public Internet. With this business, we were able to learn how to build highly scalable and global network infrastructure, as well as design a single-click cybersecurity product for the end-user.

During that time, we often reflected on our enterprise experiences. We believed that innovation in B2B network security was necessary and that we could apply what we learned from creating a service for consumers to create a much better experience for businesses. And so, Perimeter 81 was born.

Remote Work Became the New Reality

Three years ago we noticed two key trends in the modern workforce: Cloud and Mobility. Many companies started to migrate their entire assets to cloud infrastructures and the employees — they were working from different locations across the globe. With that in mind, we understood the huge potential and immediate need for a change in the cybersecurity landscape.

We assumed that in the next 5 to 10 years there would be a complete digital work transformation, but in March of this year, everything changed in the blink of an eye. COVID-19 spread across the globe and as it evolved from an epidemic to a pandemic, it forced companies worldwide to send their employees home.

Many new clients came to us in need of a scalable and reliable network security solution. Their site-centric and hardware-based legacy VPN solutions had severe licensing restrictions, or they were simply too difficult to manage — no longer accessible with the new work-from-home reality.

In tandem, our current customers turned to us needing to rapidly expand their accounts, as it was no longer specific teams but rather, their entire organizations that were now reliant upon secure remote access in order to stay productive.

This major global event clearly demonstrated to us the significance and importance of our vision to bring network security into the 21st century, and deliver a ‘one-stop-shop platform’ to house network and security solutions as a service under one roof.

Looking to the Future

As we look at our current global reality, one truth is clear: the future of network security is now. We feel fortunate to have the support of such amazing investors that recognize this truth as well, and want to help us propel a necessary market transformation.

We are thrilled that Insight Partners embraces our vision and shares our belief in the importance of transforming the way organizations are consuming cyber and network security. We’ve had a long relationship with them and have always been closely aligned on the significance of strong SaaS offerings and the value they bring to the market. 

This latest funding round will launch us forward as we build our complete SASE solution. With this platform, we aim to eliminate tool sprawl and consolidate fragmented legacy technologies — protecting businesses globally from large scale, and potentially devastating, cybersecurity breaches. 

On a company level, to support our vision, we are rapidly growing our talented team and hiring for multiple positions across our Sales, Marketing and R&D teams in our Tel Aviv, New York and California locations.

We are confident that in working together with our committed investors, dedicated employees and our valued customers and partners, we can continue to develop highly innovative network security solutions and further disrupt the industry — driving a new path forward to securely enable and fully empower our modern, ‘work from anywhere’ society.

Best,

Amit Bareket & Sagi Gidali, Perimeter 81 Co-Founders

Tool Sprawl: Does Your Company Have Too Many Security Tools?

Over the years, technology has shaped the way we work and live today. As the world evolves and advances, technology does as well. In the past century alone, we have seen unimaginable technological advancements that have changed the way we work. Technology allows businesses and their employees to work more quickly, productively and efficiently.

In the security sector, there is a new phenomenon that is affecting productivity. Today, businesses are shifting from implementing internal security solutions to adopting third-party security solutions for their internal and external security.

While adopting third-party vendor security solutions comes with many benefits, such as cost and time savings, automation and more, a common challenge has arisen: security teams are using hundreds of security solutions in their security stack. Each solution generates security alerts that the team needs to fix manually. On many occasions, businesses will be using similar technologies for the same security challenges. With this abundance of solutions, security teams may not know where to turn when a security risk occurs in their business.

What is Tool Sprawl?

The typical organization’s network is more complicated than ever. More resources are in the cloud than on-prem, and IT teams have enlisted a bevy of tools to regain the network visibility they need to ensure security. These tools are numerous, and while they may be able to provide visibility, orchestrating and managing them is difficult and unwieldy even for the most seasoned IT professionals.

Tool sprawl occurs when an organization invests in a range of products that, taken together, make it harder for IT teams to manage and orchestrate the solutions. In the security industry, we see this challenge on a daily basis. Tool sprawl doesn’t happen overnight; it slowly creeps up with every addition of a new solution.

Most businesses will adopt a new tool in order to fix a specific challenge and then, before they know it, they will be using hundreds of tools that become unmanageable. Instead of fixing a problem, businesses have suddenly added more challenges. According to a 451 Research survey, the average IT and security team uses between 10 and 30 security monitoring solutions for applications, network infrastructures, and cloud environments.

Tool sprawl isn’t just a problem for businesses as a whole. In fact, the average employee experiences the challenge of tool sprawl in their daily work environment. According to a HubSpot survey, the typical employee is using more than 6 tools on a daily basis, and the number will continue to expand. At every level of a business, tool sprawl has become a burden instead of a solution to the problem.

The increasing adoption of more solutions has created more consequences for organizations and their IT and security teams. The main repercussions that businesses will experience with tool sprawl are high cost and less effective threat response.

Tool sprawl gets more expensive with each additional solution. With each solution, employees must be trained on how to use it and how it relates to their day-to-day job. Over time this approach is extremely time-consuming and not cost-effective.

Secondly, tool sprawl slows threat response. Trying to manage a “tool sprawl” environment can even put the organization at risk when it comes to identifying an attack or responding to an incident. Instead of responding quickly to an attack, the organization will take a long time to collect the logs and notifications, understand what kind of attack it is dealing with, and decide what action to take.

Tool Sprawl Increasing Security Vulnerabilities  

Today’s cyber attacks are more sophisticated and harder to detect, which means sensitive data is more vulnerable than ever. Organizations are adapting to the new threats by moving all their networks and resources to the cloud, which has resulted in an increase in misconfigured and exposed deployments of various software.

This fact, together with the ensuing hybrid IT complexity, is creating new security challenges for IT teams. Many organizations choose to implement a range of innovative security technologies in order to deal with new-generation threats. Implementing those solutions seems essential to IT managers for improving visibility across cloud deployments, but adding more solutions to the security stack creates more security risks.

Tool sprawl diminishes visibility across the employee devices and networks that are trying to connect to cloud resources. With this lack of network visibility, security teams will experience delayed threat response and will not know which tool will fix a specific security risk. When teams don’t know which tool to use when a specific attack occurs, the organization’s resources and networks become more vulnerable than before. Additionally, tool sprawl can create another challenge for IT and security teams by inadvertently undermining confidence in employees’ ability to monitor and enforce fixes when a security risk is presented.

While tools are numerous and they may be able to provide visibility, orchestrating and managing them is difficult and unwieldy even for IT professionals. How do we fix the issue of tool sprawl?

The Emergence of SASE Could Finally End Security Tool Sprawl

In order to gain a high Return On Investment (ROI) with third-party security solutions, organizations need to rethink their security approach. Instead of adopting many different cyber solutions and vendors, organizations should look to implement an easy-to-use unified platform where they can manage and consume security solutions from a range of different vendors through the cloud as a service.

This new approach will allow organizations to consume network security solutions that integrate easily with each other, all in one platform. This is where the SASE model comes into play.

The Secure Access Service Edge (SASE) model is the idea of combining the key elements of network and security solutions into one unified cloud platform to be delivered as a service. The ideal features in a SASE platform are ZTNA, SD-WAN, CASB, FWaaS and others. This unified platform will help organizations simplify secure access to, and the security of, resources and networks in the cloud.

The emergence of SASE will consolidate the essential network and security functionalities for easy consumption within a single product. When these solutions become the norm, IT teams will be able to more easily manage security, achieve network-wide visibility (even across cloud deployments), and reduce costs, readying themselves to be agile and cloud-confident for the future. Over time, organizations will start to adopt this more unified platform approach which will dissolve the challenge of tool sprawl.

Moving Forward 

As more organizations continue to adopt numerous security tools, they will need to rethink their security strategy to avoid security flaws such as tool sprawl. If organizations continue to ignore the fact that too many security products are causing more risks, they are opening themselves up to potential breaches and poor management, all of which trace back to tool sprawl. Instead, businesses should look for simpler unified platforms, like the SASE model, to solve the issue of tool sprawl.

Security Solutions Escort Banks Through the Cloud Shift

Data is a commodity that has value just like any other: It can be used to pay for products and services (most free apps use your data in exchange for access), it can be bought and sold, and as we all know, it can change hands. Unfortunately, it doesn’t always fall into the right ones, and so for a bank – which is responsible for both our money and our priceless financial data – security is of the utmost importance.

As they say, “If it ain’t broke, don’t fix it.” Most banks have already found the right security approach for their legacy, closed-off, internal IT systems, so they are hesitant to embrace new technology that might tip the scales in favor of hackers. New technology might also make them more profitable, but upgrading infrastructure comes with new security complications that act as a roadblock, because a data breach trumps any business advantage. Right now, cloud technology is at the epicenter of this dilemma.

Is the Cloud a Compromise?

If there are two sides of the fence, on one side is the cloud’s immense potential for bank customer service and competitiveness, and on the other, the need for significant investment and security due diligence that comes with any change to the status quo. The cloud can help banks diminish their core costs and overheads by eliminating hardware and the need to maintain it. It can also help to roll out new financial products and services to customers more quickly, and scale them inexpensively as demand waxes and wanes.

Despite these benefits the transition to the cloud is daunting, and outside of retail or commercial banks, it is happening at a snail’s pace. Of total spending on the cloud, banking accounts for only 10.6% in 2020, according to IDC. Reasons for hesitation include difficulties configuring cloud solutions to both work together and with legacy tools, which may create unanticipated (and intolerable) gaps in defense. Furthermore, banks may feel as if they lose control by offloading internal processes to third-party cloud providers, putting them at these providers’ mercy. Compliance is an obvious issue to be concerned about as well, and the extra degree of separation between banks and their cloud-based resources doesn’t inspire confidence at first.

This hesitation is more unfounded as time passes, however, because the cloud is changing quickly and so is the security surrounding it. For their part, banking perspectives on the issue are changing in tandem.

Lift, Shift, and Uplift

Banks can now be relatively confident that security will be tight as they embrace the cloud, since data isn’t the only thing that’s been commoditized; so has security. Cloud providers invest heavily in their defenses and for many industries, they offer greater safety out-of-the-box than customers can achieve with their own investment in IT. Banks appreciate these assurances, but still have enough at stake to need more. 

In their efforts to avoid a long and complicated process, reduce risk, and front load cloud benefits, executives sometimes see cloud adoption as an “all or nothing” idea. However, the “lift and shift” approach is getting more traction, as it moves parts of their infrastructure to the cloud in piecemeal fashion, based on the importance of the workload and other factors. Many banks are adopting this hybrid cloud model and taking their first baby steps into the 21st century, but if the piecemeal approach is going to be taken, their networks will get complicated quickly and will be in constant transformation. 

This requires a security solution that is more comprehensive than what providers offer, and one that can flex as the network perimeter shifts.

Elastic Security for an Extended Transformation

A bank requires a simple security solution that makes data protection easy, no matter how mix-and-match their infrastructure looks during the various stages of its cloud migration. While hybrid cloud models help banks meet the expectations of demanding and digitally adept customers, they also allow banks to keep sensitive processes internal, and to encourage data protection in diverse environments. Hybrid cloud security is also easier for banks to obtain these days, with SaaS security solutions that more easily integrate into both local and cloud environments.

Network as a Service products help IT professionals apply a plethora of security tools such as DNS filtering, Wi-Fi security, VPN encryption, and multi-factor authentication across the various resources that make up a bank’s network – no matter if it’s local server storage or a popular software consumed “as a Service”. The seamless level of integration covers more bases as the network slowly migrates to the cloud, but NaaS is also especially suited to the hybrid approach because it allows IT to segment the network and restrict access within it, not just into it.

Accordingly, just-migrated bank resources can enjoy multilayered security and yet also be accessible only to the roles (and devices) held by IT higher-ups, until they are confident that compliance is achieved. Security can be easily tuned to the changes made to a bank’s network throughout its cloud transformation, with scalable and secure access policies and a quilt of tools that will make any hacker think twice about attempting to get at its data. With less time spent on maintenance, IT is freed up to pursue profit-seeking initiatives.

Security Ups Its Game for a Tough Customer

It takes a lot for banks to be confident in their security, but cloud advancements have extended to security ideas, and make upgrading infrastructure a win-win proposition. With confidence in the cloud’s compliance and safety, banks are able to morph in pursuit of better service, without concern for how customers or their data are affected. Now that this piece of the puzzle is finally in place, banks can go full speed ahead into the cloud, and soon, customers will feel the change in both better financial services and the gradual yet pronounced lack of big hacks hitting the headlines. It’s hard to estimate which will be more welcome.
