Businesses Must Address Network Security Issues with New Workforce Models

Organizations continue to find ways to support the remote work environment as the pandemic continues into its third year. However, with these new, more flexible work arrangements, bad actors have seized on vulnerabilities in those work environments. This is creating more work and necessitating larger budgets for security teams.

Infoblox, DNS management and security services provider, released a global report examining the state of security concerns, costs and remedies. 

The corporate landscape has significantly and permanently changed because of the remote work surge:

• 52% of respondents accelerated digital transformation projects.
• 42% increased customer portal support for remote engagement.
• 30% moved apps to third party cloud providers.
• 26% shuttered physical offices for good.

VPNs and firewalls, a mix of corporate- and employee-owned devices as well as cloud and on-premises DDI servers are being added to manage data traffic across the expanded network.

Respondents also indicated concerns about their abilities to counter increasingly sophisticated cyberattacks with limited control over employees, work-from-home technologies and vulnerable supply chain partners. Sophisticated state-sponsored malware also is a source of worry.

Organizations should be worried. Just over half of companies (53%) experienced up to five security incidents that led to at least one breach. Phishing is the most common conduit for illegal entry. Attacks tended to originate on Wi-Fi access points, employee-owned endpoints or the cloud. Overall, 43% experienced at least $1 million in direct and indirect losses.

To protect their hybrid environments, organizations are buying cloud-first security tools to protect their hybrid environments: 59% of respondents saw bigger budgets in 2021, and nearly 75% anticipate an increase in 2022.

They are creating a defense-in-depth strategy using endpoint and network security to cloud access security brokers, DNS security and threat intelligence services to defend their expanded attack surface. Network data is taking center stage for threat hunting.

• 40% relied on network flow data.
• 39% relied on systems-specific vulnerability information.
• 39% relied on DNS queries
• 37% relied on outside threat intelligence services.

As assets, access and security move out of the network core to the edge with the push for virtualization, 53% of respondents have partially or fully implemented SASE strategies, and another 28% intend to do so. A SASE-based SD-WAN model effectively converts WAN solutions and network security services into a single, cloud-delivered service model. 

"Cloud-first networks and corresponding security controls went from nice-to-have features to business mainstays as organizations sent office workers to work from home,” said Anthony James, vice president of product marketing at Infoblox (News - Alert). “To address the spike in cyberattacks, security teams are turning to DNS security and zero-trust models like SASE for a more proactive approach to protecting corporate data and remote devices."