Flexible work scenarios are fast becoming the norm for millions of employees across industry verticals. While they are great for productivity, these scenarios can be a nightmare for cybersecurity teams. With people moving from coffee shops to conference rooms to the living room couch, accessing sensitive data all along the way, this also becomes complex with data access by multiple mobile devices, it's becoming easier for cybercriminals to exploit all kinds of vulnerabilities, sending more malicious payloads than ever through cloud-based apps. Hackers are becoming creative in finding newer ways to exploit the gaps.
These scenarios have put corporate networks at risk by reconnecting and returning to the office—such a flexible way of working mandates a tighter approach to security. Google's Threat Analysis Group reported 18 million Covid-19-related phishing and malware Gmail messages daily in April 2020. The average ransom for ransomware attacks rose to $111,605 in the first quarter of 2020, a 33% increase compared to the previous quarter, according to Coveware.
In a hyper-digital and largely contactless world, 'Trust' will be the core currency of the next normal and the key factor for decision making. A trusted environment needs to be built in which sensitive data can be processed or analyzed at work from anywhere, giving clients a feeling that their data is secure.
In a trend wherein most assets and devices are now located outside traditional physical and logical security parameters, enabling a cybersecurity mesh in enterprises for scalable and reliable controls is a priority for customer satisfaction on critical data security. Enterprises that offer remote access have implemented zero-trust network access, multifactor authentication, etc.
Never Trust, Always Verify
With the increasing number of endpoints in the organizations and employees deploying BYOD (Bring Your Own Device) and personal devices to access cloud applications and company data, companies can’t solely rely on traditional cybersecurity methodologies. This is where a zero-trust model constantly evaluates every identity on the network for risk, with a close watch on real-time activities.