One of the biggest challenges most companies face is failing to understand their entire attack surface. Before the pandemic, many security and IT teams lacked visibility into and across assets.
Then, in 2020, the rush to enable remote work meant relaxing security protocols as an emergency measure but meanwhile the attack surface had expanded to employees’ weak password-protected Wi-Fi routers, company asset use by family members and the use of family tech for business purposes. Meanwhile, permissions granted before lockdowns may have persisted without appropriate controls in place.
Now that some workers are returning to the office, the time has come to once again assess where the weak spots reside.
Role-based permissions and IAM are essential for controlling who has access to what, but even together are inadequate, which has fueled the adoption of MFA. In addition, cyber security vendors are now using machine learning for user behavioral monitoring, not only to identify errant behavior, but also individuals’ personal deviations from their own normal behavior. User monitoring has several benefits including logs which memorialize the behavior, the ability to establish baselines for individual users and the ability to detect behavioral changes at an individual level. The overarching benefit is speed of threat detection and also escalation such as through alerts. The notifications may be used to trigger automated responses.
Meanwhile, BYOD, remote work and IoT/IIOT have all have underscored the need for robust endpoint security. Antivirus/antimalware software has also been extended to the IoT, sometimes embedded in a router.