To gain an insight into the way that businesses need develop further in 2021 to face the issues of data security, Digital Journal caught up with Mike Riemer, Chief Security Architect at Pulse Secure. The points raised are central to business digital transformation strategies.
Digital Journal: Will automation be the key to a successful cybersecurity program?
Mike Riemer:Amid the growing cybersecurity skills gap, the broader theme in 2021 will be the increased adoption of technology that capitalizes on artificial intelligence and machine learning to automate key security functions.
COVID-19 resulted in a massive, global shift to a remote workforce. However, next year we will enter a completely new normal when we start to see more workers return to the office while others, who are not yet able or willing to make the transition, remain home. This will result in a split that forces IT departments to handle the demands of both full-scale on-premise and full-scale remote access. The only way to be efficient in the new world of work will be to utilize solutions with automation capabilities instead of relying solely on in-house security teams. Companies will turn to newer technologies such as Zero Trust Network Access and Artificial Intelligence Markup Language (AIML) techniques to work smarter in leveraging their workforce.
DJ: Will hybrid cloud environments be a prime target for hackers?
Riemer: The growing adoption of cloud services combined with the increased use of mobile devices and laptops amid COVID-19 will make unsecured cloud users a prime target. Many companies use identity access management to combat potential security breaches, but the data part often goes unencrypted. We should expect to see hackers put a lot more emphasis on attacking web applications sitting on the cloud and applications that are distributed in nature. These actions will put a lot of pressure on information security groups, making it even more critical for companies to ensure there are no gaps or silos in their security strategy.
DJ: Will enterprises have to go beyond traditional Zero Trust to adopt a hyper-converged model?
Riemer: As employees continue to work from home, enterprises must come to terms with the reality that it may not be just the employee accessing a company device. Other people, such as a child or spouse, may use a laptop, phone, or tablet and inadvertently download ransomware or other types of software malware. Then, when the employee starts using the device to access a corporate network or specific corporate cloud application, it becomes a rogue device.
Without having eyes on employees, how do businesses ensure the user and device are trusted? And what about the application, data and infrastructure? All of these components must be verified on a continual basis every few minutes to maintain a superior secure access posture. That is why organizations must adopt a Zero Trust Access solution capable of handling the hyper-converged technology and infrastructure within today’s digital workplace by providing a unified, cloud-based service that enables greater accessibility, efficiency, and risk reduction.
Adopting a zero trust model will be especially important for the healthcare and education industries. As they work to solidify their security posture after a tough year, the biggest aspect they must improve on is having the technology in place to grant total visibility into their remote and in-person workforce. Zero Trust will allow them to gain real-time insight into areas of concern and react in real-time when a breach does happen, lessening the effects of bad actors and making them more resilient in the long run.
