Don’t Bring a Sword to a Gun Fight
Michael Abboud
CEO TetherView and Digital Bunker 365, Mentor Columbia University CTM, YPO
As companies continue to splurge on cybersecurity, hackers enjoy record levels of success.
There’s a famous scene in Raiders of the Lost Ark when Indiana Jones is battling his way through a crowded village in hostile territory. As Indy makes his way to safety, the sea of people parts and out from the crowd emerges a master swordsman dressed in all black from head to toe.
To capture Indy’s attention and show off how well he can use a sword, he twirls his giant weapon up and down and side to side in a menacing display of pre-fight bravado. Unimpressed, Indy rolls his eyes, calmly removes a pistol from his belt and fires a single shot at the swordsman. In one second, the fight is over.
“Companies are building giant walls in front of their house as hackers casually walk in through the unlocked back door (smirking just like Indy did at the swordsman).”
Unfortunately, in the ongoing fight between companies trying to protect their network from hackers trying to breach it, there is growing evidence that companies are unwittingly playing the role of the swordsman. Measures taken by companies to secure their network and improve cybersecurity are flashy and sound good on paper—but they don’t seem to be that effective at keeping hackers out.
According to the recently published State of Cyber Security Resilience 2021 study, 82% of companies increased their cybersecurity spending in the last year. Yet, at the same time, successful breaches from hackers increased by 31% from the previous year.
“When you put up a big wall in our environment, the back door isn’t left unlocked…because it’s not there in the first place. There is no back door.”
The Shift to Remote Work is a Scapegoat—the Real Problem is Fragmentation
The shift to remote work is often cited as a reason for the increase in cyber-attacks against corporations.
It’s true, protecting the integrity of your network is hard enough when all your employees are working side-by-side in an office on company-issued devices. And yes, the recent shift to remote work means there are more opportunities for your employees to store corporate data on their personal devices. If employees do not properly manage security controls on their own device, this "authorized" endpoint can be compromised and provide access to the corporate network.
But your employees were storing company data on their personal devices before the pandemic. It was a problem then, and it’s a problem now. The shift to remote work just served to put a giant spotlight on it.
And that’s the point. At TetherView, we believe the IT challenges of managing and supporting a remote workforce highlight a much bigger and fundamental issue with how most companies structure their IT environment—everything is fragmented. Information technology maintenance, threat monitoring and cloud services cannot effectively work together to stop cyberattacks if they operate independently of one another. IT sprawl means there are multiple entry points for hackers and more potential areas of vulnerability.
One Way In. One Way Out.
We have many mottos at TetherView. For the topic of IT fragmentation, the answer is simple. One way in. One way out. Networks should be run in a zero-trust environment that provides visibility into everything and only provides your employees (and the bad guys) with one way into your network…and one way out. When you put up a big wall in our environment, the backdoor isn’t left unlocked…because it’s not there in the first place.
Consider how this approach improves security around email, one of the main points hackers use to enter your network. In a zero-trust environment, to protect users from potentially malicious websites, all links in emails are sanitized using a sandbox server. The user cannot access the link directly. This mitigates attacks on personal devices by conducting analysis on the server side and injecting the results into the email.
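The link-rewriting step described above, sketched as an added example (not TetherView's code): every web link in a message body is pointed at a sandbox gateway and signed, so the gateway only analyzes URLs it issued itself. The gateway address, the key and the sample message are constructed assumptions.

```python
import hashlib
import hmac
import html
import re
from urllib.parse import parse_qs, urlencode, urlsplit

GATEWAY = "https://sandbox.example.invalid/check"  # hypothetical sandbox endpoint
KEY = b"constructed-demo-key"  # constructed; keep the real key in a secret store
# Quoted href attributes only; a production filter should use a real HTML parser.
HREF_RE = re.compile(r'(href\s*=\s*)(["\'])(.*?)\2', re.IGNORECASE | re.DOTALL)

def sign(url: str) -> str:
    return hmac.new(KEY, url.encode(), hashlib.sha256).hexdigest()

def wrap(url: str) -> str:
    """Gateway link carrying the original URL plus a MAC over it."""
    return GATEWAY + "?" + urlencode({"u": url, "sig": sign(url)})

def rewrite_links(body: str) -> str:
    """Route http(s) links through the gateway and blank out other schemes."""
    def repl(m: re.Match) -> str:
        url = html.unescape(m.group(3)).strip()
        if url.startswith(GATEWAY + "?"):
            return m.group(0)  # already rewritten
        try:
            scheme = urlsplit(url).scheme.lower()
        except ValueError:
            scheme = ""
        if scheme == "mailto":
            return m.group(0)
        # javascript:, data:, file: and relative targets have no place in mail
        new = wrap(url) if scheme in ("http", "https") else "#"
        return f"{m.group(1)}{m.group(2)}{html.escape(new)}{m.group(2)}"
    return HREF_RE.sub(repl, body)

def verify(gateway_url: str):
    """Gateway side: return the original URL only if the MAC is valid."""
    q = parse_qs(urlsplit(gateway_url).query)
    url, sig = q.get("u", [""])[0], q.get("sig", [""])[0]
    ok = hmac.compare_digest(sig.encode(), sign(url).encode())
    return url if url and ok else None

# Constructed sample message body
SAMPLE = ('<a href="https://example.com/a?x=1&amp;y=2">doc</a> '
          "<a href='javascript:alert(1)'>x</a> "
          '<a href="mailto:it@example.com">mail</a>')

if __name__ == "__main__":
    print(rewrite_links(SAMPLE))
```

The signature check keeps the gateway from acting as an open redirector for links it never rewrote.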
Introducing a zero-trust environment to your IT infrastructure supercharges the other things you are doing to enhance your cybersecurity. A “before and after” with our clients shows that security measures they had in place before our partnership were 70% less effective. Hackers are becoming more resourceful and finding new ways to carry out their attacks. It’s time for companies to introduce security solutions that help level the playing field.
In other words, don’t bring a sword to a gun fight.
Risk Management Consultant
3 years ago
Great article, Michael!