
Everywhere Workplace: how to protect yourself against cyber risk

How do you protect yourself against cyber risk in the age of the Everywhere Workplace? Why do we need to pay renewed attention to Workplace Security?

As many as 70 per cent of employees would rather work from anywhere than receive a promotion. This is according to Ivanti's Everywhere Workplace Report.

To ensure the flexibility required by agile working, companies have started to integrate technology for private use into their infrastructure (BYOD - Bring Your Own Device), at the same time increasing their exposure to cyber attacks.

IT risk management still seems to be tied to old patterns that are poorly matched to the agility required by digital transformation and agile working: one of the thorniest topics, in the vast catalogue of the security encyclopaedia, is vulnerability management.

According to reports by the National Institute of Standards (NIST), more than 18 thousand vulnerabilities were recorded in 2020, and the rising number is also a consequence of an expanded dataset. Of these, more than 10 thousand (57 per cent) were classified as "severity high/critical".

Cyber risk: can something be done?

An organisation's vulnerability management program must be contextualised according to the analysis of its risk environment, taking into account everything from exact devices and network accessibility to workflow analysis and application interactions.

However, in order to assess whether a specific vulnerability is dangerous to the organisation and its infrastructure, the first step is to know that it exists.

  • inventory and monitoring

The first thing to do is to increase visibility, i.e. to precisely define the assets that access corporate applications and data. The inventory of assets must be complete and dynamic: in an agile and constantly evolving digital environment, it is no longer possible to manage catalogues manually. It is time to say goodbye to Excel spreadsheets and turn to automated inventorying tools.

Vulnerability management programmes, based on recurring scanning operations of provided inventories, cannot be limited to a single data source, even if it is as authoritative and up-to-date as the NVD (National Vulnerability Database).

According to expert Abhinav Tiwari, this public database of known vulnerabilities (CVE, or Common Vulnerabilities and Exposures) currently affecting applications, software and hardware does not cover 20 per cent of the possible exposures. But it is not only the NVD that is missing critical pieces of the vulnerability puzzle. The Ransomware Spotlight Report 2022 found that three of the most popular vulnerability scanners - Nessus, Qualys and Nexpose - detected only 77 per cent of all exploitable vulnerabilities in 2021.

Therefore, it is advisable to integrate vulnerability sources - multiple databases (NVD, CISA, MITRE, Exploit Database and Packet Storm, etc.), human penetration tests, CVE Numbering Authorities (CNA) and even online communities - for the most comprehensive monitoring possible.

  • prioritisation of vulnerabilities

Not every vulnerability has to be patched as if it were critical! Adequate prioritisation of resources and of patch deployment (patches being the fixes released to correct software problems) is fundamental to any cybersecurity strategy.

On the one hand, one might be tempted to fix and remediate all vulnerabilities, ensuring maximum coverage of one's environment, but the volume of reported findings risks exceeding the capacity of corporate IT departments to act and wasting the security budget. On the other hand, fixing only high-risk vulnerabilities would leave us exposed to other vulnerabilities.

The challenge is to find the right balance between the different options, starting from an analysis of which resources are business-critical.

  • automation of remedial actions

Since zero risk is virtually impossible, with proper prioritisation and automation support, IT teams can keep vulnerabilities at a manageable level and take care of those that pose the greatest risk to the organisation.

Indeed, there are tools that automatically apply updates and patches to vulnerable systems and devices that can be a valuable support. For those vulnerabilities for which patches are not applicable, automation allows staff to focus on drafting mitigation plans to minimise the chances of them being exploited.
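The three steps above as an added Python example (not from the original article or from any product it mentions): findings from two sources are merged against the asset inventory and ranked by severity weighted with business criticality. The asset names, placeholder CVE identifiers, scores, the doubling for known-exploited entries and the patch budget are all constructed assumptions.

```python
# Constructed sample data: asset names, CVE placeholders and scores are illustrative.
INVENTORY = {  # asset -> business criticality, 1 (low) to 5 (business-critical)
    "erp-db-01": 5,
    "hr-laptop-17": 2,   # BYOD device enrolled in the inventory
    "kiosk-03": 1,
}
SCANNER_FINDINGS = [  # (asset, cve, cvss_base_score)
    ("erp-db-01", "CVE-0000-0001", 6.5),
    ("hr-laptop-17", "CVE-0000-0002", 9.8),
    ("kiosk-03", "CVE-0000-0002", 9.8),
]
PENTEST_FINDINGS = [
    ("erp-db-01", "CVE-0000-0001", 6.5),       # duplicate of a scanner finding
    ("erp-db-01", "CVE-0000-0003", 7.5),       # missed by the scanner
    ("unknown-tablet", "CVE-0000-0002", 9.8),  # device absent from the inventory
]
KNOWN_EXPLOITED = {"CVE-0000-0001"}  # stands in for a known-exploited feed


def merge_findings(*sources):
    """Union several sources, keeping the highest score per (asset, cve)."""
    merged = {}
    for source in sources:
        for asset, cve, cvss in source:
            merged[(asset, cve)] = max(cvss, merged.get((asset, cve), 0.0))
    return merged


def prioritise(merged, inventory, exploited, budget):
    """Return (patch_now, backlog, unmanaged) for a given patch budget."""
    ranked, unmanaged = [], set()
    for (asset, cve), cvss in merged.items():
        if asset not in inventory:
            unmanaged.add(asset)  # visibility gap: fix the inventory first
            continue
        # Assumed scoring: severity x criticality, doubled if known exploited.
        score = cvss * inventory[asset] * (2 if cve in exploited else 1)
        ranked.append((score, asset, cve))
    ranked.sort(key=lambda r: (-r[0], r[1], r[2]))
    return ranked[:budget], ranked[budget:], unmanaged


if __name__ == "__main__":
    merged = merge_findings(SCANNER_FINDINGS, PENTEST_FINDINGS)
    now, later, unmanaged = prioritise(merged, INVENTORY, KNOWN_EXPLOITED, budget=2)
    print("patch now:", now)
    print("backlog:", later)
    print("not in inventory:", sorted(unmanaged))
```

With this sample data the 6.5-rated finding on the business-critical database outranks the 9.8-rated finding on the kiosk, and the tablet that no inventory lists is reported separately instead of being silently dropped.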

Uniform security management of workstations

With the increasingly widespread and sophisticated use of mobile devices, it is difficult to ensure the deployment of strict access and security policies: the issue of digital workstation security (Workplace Security) is of paramount importance.

We need to be able to distribute a common set of identity and access policies for all devices used by each employee. The challenges are many: an enlarged perimeter, different management systems, patchy application of criteria.

The simplest approach is to centralise security management in a single device management platform: in this way, any changes to user status or access rights no longer require intervention, which would mean a greater expenditure of resources and a higher probability of errors.

The main advantage is to be able to ensure the adherence of configurations and access policies to company-defined security policies, reducing exposure to attacks.

*This article, by Camilla Bottin, was originally published in Catobium – The Magazine of the Catobi Writers. 
