15 Nov

“The rapid move to the cloud and remote work are creating dynamic work environments that promise to drive new levels of productivity and innovation. But they have also opened the door to a host of new security and reliability concerns and sparked a significant increase in cyberattacks,” said Fermin Serna, Chief Information Security Officer, Citrix. 

As organizations, digitally transform, moving to the cloud, connected Internet of Things (IoT), BOYD, AI and Machine Learning, so are the Cybercriminals. As organizations proceed on their digital transformation journey, Cybercriminals are taking advantage of the increased of the expanding attack surfaces digital transformation opens. 

The same tools organizations are using to enhance their networks, Cybercriminals are using to increase their threats in a more sophisticated, stealthy and evasive manner. 

Email 

2020 with the scramble in remote working cause a massive rise in Cybercrime. Remote working increased the use of Email as the primary method of communication, however, according to a report published by Mimecast (Download report) – on the state of Email security showed that: 

  1. 61% 0f organizations suffered a Ransomware attack in 2019 -2020 via email.
  2. 64% rise in email threats – research has shown that employees are opening 3x more malicious emails since the start of the pandemic.
  3. 79 % of organizations lacked the necessary Cyber security, 40% lacked security in one or more critical areas and 13% had no email security at all.

 BOYD 

With the increased use of BOYD since the start of the pandemic, a report published by CISCO in 2020 showed that more than half (52%) of respondents said mobile devices are now very or extremely challenging to defend. They have overtaken user behavior, which is the biggest challenge. In saying that however and despite the increased threats, South African enterprises still have not prioritized Cyber Security as a threat to business continuity. Organizations where not prepared for the remote working environment at the start of the pandemic and are still not taking BOYD as a major threat to their security seriously, in fact, researching BOYD and Cybersecurity it is disturbing that the enterprises are still relying on employees to be responsible for securing their own devices. 

Contracting multiple Vendors  

Having multiple vendors, may on the surface, seem to be good business practice as  it could ensure that all bases are covered, particularly when referring to Cyber Security.  However Multi Vendors does exponentially increase the number of points of vulnerability to the network and the number of security alerts increases to the point that can overwhelm the IT department.

 Research has shown that the number of organizations that receive 100 000 or more daily alerts has increased to 17% in 2020, up from 11% in 2017. Further to the above 23% of third party vendors software have at least one critical vulnerability. If multiple vendors are employed it stands to reason that the environment will have multiple critical vulnerabilities.

2021 trends have shown that reducing the number of vendors has reduced the number of vulnerabilities and costs. In addition, the trend is also moving to the appointment of a Tier One solution provider and all secondary vendors will work through the tier one vendor. Greatly reducing incompatibilities, user confusion, overlapping services and most importantly greatly reducing critical vulnerabilities. 

The above highlights some of the points of entry that Cybercriminals look for when attempting to attack a network. Ransom ware, malware, DDos and social engineering such as Phishing all require access to a network. Email and BOYD are the most vulnerable, which coupled with the employment of multiple vendors can render a network prone to multiple attacks.              

Solution 

Globally organizations are focusing on two primary aspects namely: Cybersecurity is constantly evolving and the human element. Both elements are dependent on each other. In order to keep pace with the ever increasing and innovative ways Cybercriminals are evolving their practices, organizations will need to follow suit. This has prompted an evolutionary shift in Cybersecurity from a confidence in users to Zero Trust fundamentals. Zero Trust is defined as every user and / or device is a potential threat to the network. 

Zero Trust is based on the security concept of “never trust, always verify” that requires all devices and users, regardless of whether they are inside or outside an organization's network, to be authenticated, authorized, and regularly validated before being granted access “ 

Citrix: A Tier-one solution provider.  

Citrix focuses on two priories when it comes to Cybersecurity: namely secure access and employee experience. Citrix Secure Workspace Access takes care of the user experience. The solution offers VPN -less end-end Zero Trust security and a full secure access service edge (SASE). In other words, Citrix Secure Workspace Access provides secure access to internal apps with a Zero Trust approach, simplifies secure user access – such as single sign -on, apps accessed are based on user work requirements, using a unified access control and can be implemented using one solution. 

Citrix Secure Internet Access handles a hybrid or Cloud based secure platform. Citrix Secure Internet Access offer a cloud delivered secure stack including turnkey SASE architecture cloud security, secure web gateway, next gen firewall protection and is constantly automatically updated. 

This offers users to access apps using Direct Internet Access (DIA) without compromising user experience. Citrix Secure Internet Access unified approach to SASE architecture combined with Citrix SD-Wan solutions will give organizations a secure, simplified and a consistent experience and performance a hybrid workforce.