Why post-pandemic cybersecurity needs a new normal

Is the end finally in sight? The UK’s successful vaccination programme has many people hoping that Spring might see a phased return to normal. Maybe a mass migration back to the office really is in the offing.

 

For cybersecurity pros, it can’t happen soon enough. Cybercrime spiked during the pandemic, driven up in large part by work-from-home mandates. A host of vulnerabilities cropped up when organisations had to push the network edge to hastily set up home offices and configure endpoints cobbled from a broad range of personal devices.

 

Who can blame anxious CISOs for wanting employees to get back to a more controlled IT environment?

 

Unfortunately, those hopes for a return to calmer times are illusory.

 

Of course, criminals exploited the disruption of COVID-19 lockdown to spread malware and steal data. But even before the pandemic, cybercrime was effectively out of control. In a survey conducted before the coronavirus outbreak in 2020, more than 80 percent of businesses said they’d experienced a breach of some kind.[1]

 

And let’s be realistic, many organisations have come through the pandemic with a new way of working, and many might not want to go back.

 

So we’re in a new IT reality whether we like it or not. Securing it is going to take a new approach.

 

Say farewell to detect & prevent

Rather than return to default approaches, the possible end of pandemic restrictions hands CISOs a unique opportunity to question cybersecurity’s legacy approaches that focus on detection.

 

Cloud-based web isolation offers another way forward. Rather than trying to lock down every server and endpoint, it completely isolates users from internet-borne threats. While isolation isn’t a new idea, the technologies powering today’s approaches are.

 

Remote workers make security policies challenging to enforce. At least 70 percent of employees[2] now use SaaS solutions to conduct their work, or VPNs to connect their home offices to company networks.

 

Web browsers have to be regularly maintained to stop them from becoming a source of vulnerability. The geographic separation of users, devices, and cybersecurity teams makes that a significant challenge.

 

To adequately protect today’s (and likely tomorrow’s) cloud-dependant workers, we’ve extended our Isolation Core™ technology to the Menlo Cloud Security Platform. Businesses deploying it get a separate and pervasive new security layer. All web and email traffic flows through it. Any adverse or malicious traffic is stopped. Everything that does get through screening traffic is kept separate from the user’s device.

 

An old idea. A new approach 

Traditional isolation technologies like virtual desktop infrastructure (VDI), application virtualisation, and client virtualisation attempt to protect users by stopping active content from being delivered to endpoints. They work in principle, but the user experience (UX) they provide is clunky and unresponsive.

With VDI and application virtualisation, content is executed on separate computing infrastructure and then rendered pixel-by-pixel on an end-user’s screen. Web pages load slowly, and there is usually a delay between taking an action (typing a character, clicking a link) and seeing it happen on-screen. Users often lose standard functions like printing pages or copying and pasting content.

 

Client virtualisation requires dedicated endpoint software, OS changes, and a PC re-build which often creates instability. When it does operate as expected, significant resources are needed from the user’s machine.

The Menlo Security Cloud Platform offers businesses a 100 percent safe way to view web and email content that doesn’t diminish productivity or user experience.

It tackles major threats like phishing, ransomware, and malvertising head-on. It also secures corporate and personal email and makes it easier for companies to achieve compliance — all without reducing functionality or UX.

Getting ready for whatever comes next

It’s a fact of business life that CSOs depend, to some extent, on employees’ willingness to follow the rules. Scaling that expectation to what could be thousands of personal and company-owned devices makes the scope of the challenge starkly clear.

 

Any of those disparate devices could open the door to a breach or even bring down the network. Instead of trying to control a dispersed and disparate mix of endpoints, why not use Occam’s Razor and simply isolate them from network resources entirely?

 

That approach is already delivering results. A global financial services brand uses Menlo’s Isolation Core™ technology for its 100,000 plus users. Over a study period of 180 days, close to 2,000 phishing links were clicked, 8,500 malicious websites were accessed, and only 30 percent of the clicks on those sites were categorised as safe.

 

With Menlo’s technology separating users from malicious content and infected web pages, the number of malware infections suffered by the bank in that period was zero.

 

Want to learn more about cloud-based web isolation? Contact Menlo Security today. Or watch our recent webinar: ‘The Good, the Bad, and the Ugly: How Security Will Change in 2021’.

————————————-

[1] Sapio Research, 2020

[2] The Future of IT Network Security Report 2020, Menlo Security

Posted by Charlie