Network Security for a Hybrid Business World

We live in a changed world. Advances in technology that were supposed to take years happened in months. Along the way, assumptions and legacy thinking gave way to urgency and a can-do .. no, must-do attitude. 

But one person’s chaos is another person’s opportunity. Cyber attackers have taken advantage of the disruption, scaling up their attacks against poorly defended end-points that suddenly sat in a living room, not a perimeter-protected, fire-walled corporate office.

But a funny thing happened on the way to recovery and resiliency. Networking and security teams, along with business leaders and employees began to see the benefits in working together, breaking down the silos that hold back progress.

 At the same time, technology transformation put advanced tools like Artificial Intelligence and Machine Learning into the hands of the good guys. Automation promised some relief from the shortage of skilled security personnel. Partners and service providers stepped in to bolster capabilities.

And thanks to protocols like SD-WAN and Zero Trust, the network evolved into a security plus rather than a vulnerability. We learned from the pandemic.

In this fifth and final episode, we focus on the people, technologies, and data that’s driving a reassessment in how we think about networking and security. It’s a future where networking and security are even more integrated; where security is woven into everyday tasks, software, configurations, protocols, and plans. A future where the responsibility for security is shared throughout the organization.

Working from home used to be a perk. Now it’s a way of life. The way we shop changed so quickly, so thoroughly, that many retailers were caught off guard, and technology in many cases wasn’t ready for the surge. Instead of a company-issued device hooked into a LAN, the network ecosystem became instead a diverse ecosystem of end points, corporate networks, home routers, and VPNs.

For security pros, this had the makings of a nightmare.

“I think the biggest source of breach is on the user side and it comes in the form of password management and a lot of those things,” says Zeus Kerravala, security research analyst with ZK Research. “I actually talked with somebody that does penetration testing and he said 90% of the hires that companies that hire him he can breach within an hour, and usually that’s just through bad passwords.”

Security teams have always had to balance productivity with protection. With the pandemic, that task has gotten tougher. Security leaders say they’re more concerned about attacks targeting employees at home since social & work restrictions sent employees to their living rooms or spare bedrooms 18 months ago.[1]

And yet … Despite the uptick in remote work last year, fewer than 40% of organizations have IT security policies in place to address end devices, video conferencing, or collaboration tools.[2]

In this fourth episode of Comcast’s podcast series “Network Security for a Hybrid Business World,” we’ll focus on the changes our experts have noted, and how they’re affecting all the stakeholders: from customers, security teams, and employees to partners and leadership.

[1] IDG CSO Security Priorities Survey 2020

[2] IDG GIS CyberSecurity Survey 2021

Thinking strategically is key for success in IT. In 2021, IDG saw a significant jump in the number of CIOs calling themselves “strategic.” These are the CIOs who spend the majority of their time driving business innovation and identifying opportunities for competitive differentiation.[1]

And this trajectory is expected to continue throughout the next three years as almost 6 in 10 say they want their focus to be even more strategic. 

It’s not just IT: 91% of network pros say that their relationship is highly or somewhat collaborative with their line of business peers.[2]

But for many security pros, strategy is an area of concern: 87% believe their organization is falling short addressing cyber risks. And more than one in four say they’re not proactive enough when it comes to their security strategy.  

Security must keep up with network evolution

Networks have come a long way from the days of a data center on location, a LAN and maybe a WAN, protected by firewall and maybe some intrusion detection. Set it and forget it and be done.

Today’s networks aspire to be robust; virtual; intelligent; automated; and safe. That’s the plan. The business environment today demands it. But getting there is still a work in progress.

Networking security, like a lot of security, can be reactive, spotty. 

Despite the uptick in remote work in 2020, less than 40% of network leaders say they have IT security policies in place to address end devices, video conferencing, or collaboration tools.[3]

In this third episode of Comcast’s podcast series “Network Security for a Hybrid Business World,” we’ll focus on how networking and security pros are putting together their security strategies. We’ll look at the business demands driving network evolution, what network management options are trending, and how to prioritize and secure deployment.

[1] IDG State of the CIO Survey, 2020

[2] IDG State of the Network Survey, 2020

[3] GIS IDG Security Survey 2021

CISOs, CTOs, CIOs, COOs and others are going to be asked: What measures do you have in place in case we get hit with a ransomware attack? That’s because ransomware attacks have increased by nearly 500 per cent since the start of the COVID-19 pandemic. In this episode, we’ll help with some answers, and some tactics that can reduce vulnerability, not just for ransomware, but across the threat matrix.

Over the course of a few short weeks in early 2020, business as we know it changed. As lockdowns caused by COVID-19 spread worldwide, organizations scrambled to keep the lights on. Working from home was the only way to keep business rolling. The thing is, connecting and supporting employees from home meant that the traditional perimeter for security — Which had already been eroding under pressure from the work-at-home trend — was now obsolete.

 “I think when the pandemic hit, focus was on making the remote workforce as productive as possible and as fast as possible,” says Comcast Business’s Shena Seneca Tharnish, VP Cyber Security.

Once established, enterprise businesses began rethinking their cybersecurity approach, Tharnish says, because previous architectures that enabled security defenses in datacenters and in branch offices were being bypassed. “When this happens, securing the network perimeter is not good enough and enterprises must shift to the endpoint or to wherever the edge has expanded to.”

Legacy networks catered to centralized apps and predictable demands, with most users operating within the perimeter and network managers taking a set-it-and-forget-it approach. Now, with the boom of digital, networks connect us all, and carry a lot of critical data that drives business intelligence, day-to-day operations and innovation. And it does this increasingly outside of any corporate firewall or perimeter.

In this first episode of Comcast’s podcast series “Network Security for a Hybrid Business World,” we will look at the network challenges of the modern enterprise — an enterprise that’s now distributed, connected, and oftentimes vulnerable. 

Network Security for a Hybrid Business World is a podcast series from Comcast Business and CIO, exploring the events that have put cybersecurity at the forefront and the tools and technologies that business and IT leaders should be eyeing to address current and future cybersecurity demands.