Taking the first steps toward a hybrid-first cybersecurity environment

Hybrid cybersecurity

Ian Jennings, CEO Technical & Operations, BlueFort Security, gives us his insights into the future of the workplace and the hybrid environment.

With the New Year in full swing, physical offices have remained largely empty, and while official work from home advice is still in place, it’s become clear over the last two years that, by and large, people enjoy flexible working.  With ‘Plan B’ restrictions coming to an end in the UK, the question of an office return is in the air.  But while people will be free to return to the workplace, it’s unlikely things will ever go back to the way they were pre-pandemic. 

With a successful vaccine rollout, many businesses took an optimistic outlook in the second half of 2021.  Some, such as business answering services provider Moneypenny, brought virtually all of their staff back to the office as soon as reasonably possible.  Many organizations, however, have taken a hybrid approach.  Indeed, a closer inspection of Google’s billion-dollar bet on a return to office working reveals a clear ambition to create a new and permanent hybrid working culture; a working culture where employees are encouraged – but not required – to be in the office.  

Hybrid working cybersecurity challenges

A long-term hybrid working culture – particularly following two years of employees largely working remotely – presents a significant challenge for Chief Information Security Officers (CISOs).  In a recent survey of 600 UK CISOs, 30% admitted that since March 2020 they have lost track of movers, joiners, and leavers.  What’s more, 29% stated they are missing corporate devices.  The key challenge that CISOs are facing is mitigating the ever-increasing cybersecurity risk brought about from the growing complexity of their IT environments.  Their number one priority in 2022 will be IT discovery.  After all, it’s virtually impossible to effectively protect what you don’t know is there.

Security teams must now contend with user sprawl and device sprawl.  In the past, their focus would have been on securing one main location – the office.  Now, location is a fluid notion.  The concept of networking in this context is increasingly difficult to define.  To help overcome this challenge it’s vital to compile an in-depth – and ongoing – view of the organization’s IT estate.  Only by knowing what assets you have within your environment can you apply effective security controls. 

A hybrid-first security mindset

Procedures and processes for this new world need to be reviewed from the ground up – all with a hybrid-first policy.  The challenge is not insurmountable for security leaders that remain flexible and adopt new ideas.  Desmond Tutu once said that “there is only one way to eat an elephant: a bite at a time.”  What he meant is that everything in life that seems daunting, overwhelming, and even impossible can be accomplished gradually by taking things one step at a time.  For CISOs facing this challenge, the overarching focus should be on improving visibility, intelligence, and control over their network and devices.  Breaking this down, there are three key first steps CISOs should be considering:

1. Visibility: Focus on identity

Identity runs through the core of visibility, intelligence, and control.  Start by establishing who your users are, what they have access to, and building a robust joiners and leavers program.  Any and every user account that has been neglected in some way over the last two years is a potential weak point.  The culmination of this has led directly to the data sprawl now endemic in organizations.  Security teams need to understand everything that is happening on the network in an identity context – whether that’s a human user or a connected device – before they can begin to get them under control.

2. Intelligence: Look at new technologies

A new hybrid-first security framework requires modern technology solutions.  Extended detection and response (XDR) is a good example.  Many CISOs will be grappling with the decision of where to focus their immediate efforts – applications, devices, or the network.  XDR pulls all three areas together.  As well as the network, XDR gives visibility into the cloud and certain software as a service (SaaS) applications – visibility on the application level as well as the device. 

These capabilities will be crucial in a new hybrid-first framework, moving the traditional security operations center (SOC) focus from the office network to a much wider and deeper view of the organization’s environment.  The threat landscape is now fundamentally different.  Less focus on the office and network and more focus on applications and devices will provide a better and more holistic view of risk, what’s happening in the environment, and where the organization’s exposure resides.

3. Control: Design from the ground up

Security strategies that were created even three years ago are now obsolete.  The pace of change is increasing exponentially and sitting on the fence is no longer an option.  CISOs need to adopt policies and procedures that deal with location independence and network independence.  Hybrid working is now ‘business as usual’ and CISOs must work to design modern, fit-for-purpose hybrid-working strategies from the ground up.  Perhaps the worst thing any CISO could do as employees return to the office is to carry on as though they were operating in a pre-pandemic world. 

Read More:

The hybrid-first world has new and very different demands, but the mistake to avoid is viewing this as a bad thing.  There is a multitude of benefits to be realized.  Ultimately, organizations will have more secure applications and devices.  As policies and procedures mature, organizations will enjoy more agile and robust business processes.  But before this can happen, there is baggage to dispose of, plasters to remove, and new perspectives to cultivate.  For those willing to think differently, hybrid working will ultimately provide the catalyst for a more secure environment.

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

An image of hybrid, News, Taking the first steps toward a hybrid-first cybersecurity environment

Ian Jennings

Ian co-founded BlueFort Security with David Henderson in 2007 to deliver cyber-security specialist technical expertise and support to businesses that were becoming increasingly at risk from ever-sophisticated cyber attacks. Together the pair have built an award-winning business with a proven track record in delivering complex solutions around remote access, cloud transformation, and zero-trust application delivery.

Ian has 20 plus years of cyber security technical skills and knowledge which underpin the services and support that BlueFort Security delivers to its customers. Under Ian's guidance, the BlueFort team has secured a wide range of cyber security credentials including Cyber Essentials Plus, ISO27001, ISO9001, as well as a number of vendor-specific accreditations including FireEye partner recognition award 2018, RSA partner of the year 2018, MobileIron outstanding engineer award 2015 and RSA Top partner of the year 2011.

Prior to founding BlueFort Security, Ian held senior technical roles with Armadillo Managed Services and Interop Technologies. He holds a BSC in Computer Science and Management Studies from the University of Leeds.

Why low-code is the best code

TBT Newsroom • 12th June 2022

According to Gartner, over 50 percent of medium-to-large enterprises will adopt low or no-code platforms as part of their overall IT strategy by 2023. Low-code platforms are increasingly popular because they help organizations to deliver capabilities faster, reduce reliance and pressure on the workforce and are simpler to understand.

Classroom management software supporting teachers through flexibility

TBT Newsroom • 11th June 2022

Despite educators’ best efforts, the digital transformation from in-person to online and hybrid learning certainly didn’t go off without a hitch. The sudden onset of the coronavirus pandemic forced schools to scramble to change their systems overnight. While many schools rushed to purchase online education technology tools, few had the foresight to invest in reliable...

The Four Key Steps On Purchasing Cloud Software

TBT Newsroom • 10th June 2022

Following the COVID-19 pandemic, digital transformation efforts have accelerated across the majority of industries with businesses being forced to make alterations to their usual working routines in next to no time. What’s more, remote working made it apparent that legacy systems were no longer up to the task for businesses to operate in an effective...

APIs: What are they and how can we embrace them?

TBT Newsroom • 07th June 2022

Gravitee.io is a leading open-source API platform, enabling worldwide developers and business users to build, manage and monitor their APIs. As a team, we are driven by the purpose of giving customers the ability to manage synchronous and asynchronous APIs securely. We started out as an open-source product and still follow an open-source first ethos...

N-able Introduces Cove Data Protection

Chris Groot • 05th May 2022

N-able, the solutions partner helping IT services providers deliver security, data protection, and remote monitoring and management services, today announced the launch of Cove Data Protectionℱ, the cloud-first data protection-as-a-service (DPaaS) solution that modernizes data protection for business-class backup and disaster recovery.