GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided
In 2021 we witnessed the continuation of the seismic shift in how people work, a change that started at the beginning of the global pandemic. The acceleration of cloud, mobility, and security initiatives proved to be critical for organizations looking to weather the new threats and disruptions.
Related: How ‘SASE’ blends connectivity, security
In fact, the Verizon 2021 Data Breach Investigations Report found that “with an unprecedented number of people working remotely, phishing and ransomware attacks increased by 11 percent and 6 percent respectively.” Cybercriminals have taken advantage of security challenges that arise from the new model of remote work and collaboration.
To combat this, businesses who are agile in adopting digital transformation strategies reaped the benefits: from better security hygiene to reduce the risk of a data breach to improved productivity that ultimately yields higher revenue. Here are a few important trends that you should consider for 2022:
Single vendor SASE play
Last year, we predicted that SASE would be an essential strategic initiative, design approach, and implementation standard for enterprise network and network security deployments around the globe. In 2022, SASE will accelerate to become the gold standard for organizations looking to achieve consistency, flexibility, and high performance for both their security and networking needs.
Businesses and organizations will gravitate towards a single vendor SASE provider for uniform, consistent, and ubiquitous security, networking, and business policies to every user, application, and device. This single vendor model will still need to allow for the option to integrate with third-party SASE services.
Organizations see the optimum implementation of SASE as bringing together connectivity and network security into a single, integrated software solution that provides consistent, centrally managed access and security from anywhere in the world and will realized that deploying a multi-vendor approach for SASE introduces visibility gaps and security vulnerabilities.
SASE protects users, devices, and applications wherever they are, and when done well: is the best blend of identity, endpoint, and threat protection you can achieve. Implementing a single vendor SASE approach is critical for granular visibility and control, reduced attack surfaces, dramatically lower latency, and unprecedented application performance.
Securing Iot, MEC
The explosion of 5G this past year has created transformational opportunities around Smart Manufacturing, Augmented Reality / Virtual Reality (AR/VR), and more. However, for low latency connectivity, Multi-access Edge Computing (MEC) is an important paradigm to achieve many of these goals.
MEC converges network, computing, storage, security and application capabilities and delivers them seamlessly at the edge. This brings low latency compute as close as possible to users, devices and things.
However, these advancements open the door to new potential threats and vulnerabilities such as kernel bypass, DDOS attacks on 5G service interfaces, cyberattacks on the Internet-of-Things (IoT) ecosystem, leading to Zero-day exploits, software tampering and API exploits. Such attacks directly impact service availability, data exfiltration and information integrity.
Top strategies to secure the MEC and IoT gateway require security hardening against API exploitation and the ability to detect privileged escalation within applications. Approaches to build zero trust holistically across MEC and IOT ecosystems are critical to guarantee end-to-end SLA management, contextual security, and visibility.
Work from anywhere, forever
Last year, we predicted that work-from-home would be made up of at least 50 percent of the employee base and we believe that going into 2022, work-from-home will expand into a work-from-anywhere model permanently. Because 2021 has shown that productivity can be maintained or even increased, collaboration can continue or improve, and establishing and measuring metrics is possible with remote employees- organizations will implement a secure work-from-anywhere model where corporate access can be extended to not only home offices but campuses, retail shops, hotels, a hospital, the airport, and more.
With a work-from-anywhere model, employees can easily access their Voice over IP (VoIP), Unified Communications, collaboration, and video applications while enabling cloud and on-premise security and performance from anywhere in the world. Whether the business application is hosted in the cloud or on-premises, appropriate security policies must ben consistently enforced even through public Wi-Fi networks or on unmanaged devices.
As a result, businesses will need to invest in more than just a VPN to protect against users who can be connecting from anywhere and from any device: they need to implement a holistic approach to getting visibility and control over identities, threats, and endpoints. With a strategic approach to networking and security like SASE, businesses will be able to achieve both the performance, security, and lower Capex and Opex from implementing a secure, scalable, and optimized Work-from-Anywhere model.
About the essayist: Kelly Ahuja is CEO of Versa Networks, a supplier of single-source SASE technology.
*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/guest-essay-lessons-learned-in-2021-as-cloud-services-mobility-and-cybersecurity-collided/