2020 threw a curveball and forced many cyber teams to shift priorities. Will you go back to some of the 2020 strategic projects, or has the environment changed your priorities?
Cybersecurity in 2021
The cybersecurity landscape continues to evolve and expand quicker than Apple’s iPhone releases (and that’s saying a lot). In 2021, we are not only concerned with the traditional areas of cybersecurity – protecting the perimeter, preventing malware and viruses – we are also faced with uncharted territory involving safeguarding data, protecting endpoints, securing cloud workloads and applications and managing business operations with a mainly remote workforce.
As we reset the calendar and budgets, we also reset our annual objectives. It can be challenging to know where to start, especially when balancing industry trends, evolving attack methods and tight budgets. To help, the Brite team is guiding you through some of this year’s top projects, ensuring you have the tools and resources to deliver successful results.
Top Cybersecurity Projects
Project 1: Identity Access Management (IAM) and Identity Governance
An IAM program is an organization-wide approach to gaining control of who has access to what. The objective of a comprehensive IAM plan is proactive risk mitigation by defining and managing roles of individual users and the conditions of granting/denying access. This is more than just adding multi-factor authentication or strict passwords. When done properly additional benefits include:
- Improved users onboarding/offboarding
- Audit compliance
- Ability to view and manage identities across the entire company
- Reduced insider threats
- Improved ROI on existing security investments.
Many of those benefits are well known, but the fear of decreased productivity is often a deterrent from starting.
A recent success story from our colleagues at Integral Partners describes a financial institution that was required to implement an IAM program to be in compliance with strict regulations. The question was, what is the most efficient way to go about this? The team took on the project and outlined a roadmap with a detailed strategy, and ultimately recommended a plan for role-based access and file sharing utilizing their existing IAM software. Learn more about creating your own IAM roadmap outline here, or dive into the topic with this on-demand webinar.
Brite’s Featured Partners: Integral Partners, SailPoint, Ping, CyberArk, Okta
Project 2: Cloud Transformation
The move to the cloud has been on a steady rise for the past decade and was accelerated by necessity in 2020. Every company has had to evaluate its approach to cloud utilization for infrastructure and/or applications. Cloud migration is a true journey that transforms both the user experience and data workflows.
The benefits of cloud migration are well known and include improved flexibility, adaptability and scalability. But now with remote workers, the direct to cloud option adds tremendous performance improvements. The network perimeter has been infinitely extended out to the user’s edge, essentially the Wild Wild West. While this improves productivity for end users, it presents significant monitoring and management challenges for cybersecurity professionals. The loss of control can be regained through Secure Access Service Edge (SASE) and Cloud Access Security Broker (CASB) technologies, providing visibility, data protection and secure access from anywhere.
Brite’s Featured Partners: Arista, Netskope, Palo Alto Networks, Check Point
Project 3: Integration & Orchestration
Tools alone don’t solve problems. We all know this, but we also understand the intended value is often never fully realized. 2021 should be a year to evaluate your current technology stack and how you can extract more value out of these existing investments. In addition to evaluating the core system capabilities, we recommend you explore the power of integrations between existing tools.
You will often find ways to improve your security posture or shorten response time through tool information sharing and automated orchestration. If you don’t have the internal capabilities, the implementation and management of orchestration can be outsourced to a managed security services provider. Check out BriteProtect, Brite’s efficient managed cybersecurity services that specializes in standardization of data from various tools to create easily correlated records for rapid and appropriate response.
Brite’s Featured Partner: BriteProtect
Project 4: Prevent Lateral Movement through Microsegmentation
You are only as strong as your weakest link. Bad actors know this. They understand that crown jewels are well protected, but there is always a way in. On average, an attack can go undetected for more than 250 days. During this time, the attackers can move laterally within the environment to gain access to the true target. This lateral movement can be prevented through microsegmentation, creating a ring fence around the critical workloads.
While there are numerous methods for microsegmentation, the first step is to analyze the existing connections and understand what is necessary to perform its tasks. Any non-essential connection should be prevented. Also, inspection of the traffic down to Layer 7 ensures appropriate data requests are delivered over the approved connections.
Traditional methods of segmentation require the traffic to flow through a centralized chokepoint, like a firewall. Organizations are able to limit the impact on network traffic and eliminate the need for redesign by utilizing specific microsegmentation technologies. All with the added benefits of gaining complete visibility and granular enforcement.
Read ‘Securing a Network: Gain Control of Network Traffic for more insight.
Brite’s Featured Partner: Guardicore
Project 5: Email Security + User Awareness Training
The statistic that summarizes the state of email security is that there was a 700% increase in phishing attacks in March 2020 alone. It is clear that every organization needs advanced email security tools that are able to:
- Block both known and unknown threats (before they hit the inbox)
- Provide visibility into threats targeting end-users
- Improve operational effectiveness with automated threat response
- Protect against data loss via email
While email security tools are powerful, they are not impenetrable. Implementing an end user awareness training program transforms employees from being a liability to your last line of defense. Using controlled simulation attacks, all users will gain knowledge and exposure to how deceiving and authentic phishing attacks can appear. Organizations see a dramatic decrease in successful phishing attacks after utilizing an end user awareness program.
With a strong email security strategy, the number one threat vector – email – will be protected against attacks.
Brite’s Featured Partners: KnowBe4, Proofpoint, Mimecast
Where to start…
The reality is that every project can’t happen overnight. First, gain a complete understanding of all security gaps. Then, prioritize projects based on your organization’s unique needs. The Brite team’s mix of advisors, engineers, project managers and partners are here to help at any stage. If you are unclear where you would like to start, ask us about a free assessment.