“Improving endpoint security should be an immediate priority for CISOs. No matter how fragmented the remote working environment, employees still need to securely access corporate data,” says Nigel Seddon, VP EMEA West, Ivanti, in an exclusive interview with ITSecurityWire.
ITSW Bureau: How can enterprises secure their workforce and infrastructure in an increasingly dynamic remote work environment?
Nigel Seddon: Remote work has created a myriad of challenges for CISOs. Ivanti’s recent CISO survey found that their greatest challenges are now centered on ensuring only trusted users, devices, networks, and applications are attempting to gain access to corporate resources. Almost half (45%) of the respondents claimed employees using unsecured Wi-Fi to access business data was their top challenge, while two-fifths (40%) cited employees using their own devices and one-third (33%) cited employees using unauthorized apps to access corporate data as their greatest challenges.
The only way CISOs can overcome these challenges and ensure that their workforce and infrastructure are protected while working remotely is by implementing a zero-trust security framework. A zero-trust strategy assumes that the corporate network has already been compromised, taking a ‘never trust, always verify’ approach that validates the device, network, application, and user context before granting access to enterprise data. Adopting a zero-trust tactic is the only way CISOs can mitigate the risks of remote working.
ITSW Bureau: How do CISOs plan for an increase in investment in specialized UEM software? What is their catch point that will convince the leadership?
Nigel Seddon: The catch point for CISOs is that, due to the pandemic and the shift to remote working, UEM software has become an absolute security necessity for businesses going forward – the risk is just too great for businesses not to have it. The explosion of different devices and networks being used by remote employees to access business data has drastically shifted the data breach landscape, with cybercriminals now looking to exploit remote cybersecurity protocols that are often weaker than those that would be used to protect workers in the office.
Without specialized UEM software in place, it becomes almost impossible for CISOs to catch and prevent potential data breaches. IBM’s 2021 Cost of a Data Breach Report found that 74% of respondents believed remote working would make a data breach more likely while also claiming that the average cost of a data breach in the US had increased by USD 137,000 in 2020 alone. Specialized UEM software can help businesses mitigate the added risk caused by remote working by giving CISOs full visibility into and control of the endpoints their employees are using while working from everywhere. This is the catch point that CISOs will need to explain to convince the leadership of its necessity.
ITSW Bureau: How can enterprises maintain the security of the endpoint devices in an increasingly fragmented remote work environment?
Nigel Seddon: Improving endpoint security should be an immediate priority for CISOs. No matter how fragmented the remote working environment, employees still need to securely access corporate data. The pandemic accelerated work-from-home and hybrid work environments. However, with the immediate priority being business continuity, certain security protocols were overlooked.
Employees are using personal devices more than ever to access company data and this phenomenon is proving one of CISOs biggest challenges. Therefore, it will remain essential for IT leaders to account for hybrid work models in their budgets. They will need to invest in security solutions that provide them with the flexibility they need to support growing networks, the everywhere workplace and shifting priorities.
The best way for CISOs to maintain the security of their endpoints is to take a zero-trust framework to the next level with automation. Deploying security technologies that leverage automation can help CISOs gain visibility into all the devices and applications their remote employees are using to access corporate data, making it easier for them to manage, secure and service all the endpoints in real-time. Continuous verification and authentication throughout the network ensure that any personal device, or company device, trying to access the network can only connect to authorized applications in a compliant manner.
ITSW Bureau: How can enterprises optimize the asset performance and costs while strengthening their cybersecurity infrastructure?
Nigel Seddon: Enterprises can optimize the asset performance and costs while strengthening their cybersecurity infrastructure by adopting a zero-trust approach and implementing automated security systems that prevent attacks from happening. Further, to better manage IT and software spending, CISOs will need to implement spend intelligence technology. Spend intelligence provides insight into software landscapes and application spend across all IT environments improving operational speed, asset visibility, and cut costs.
The adoption of automated security technologies has increased 12% year on year, with no signs of this growth decelerating. These automated technologies enable faster data collection, making asset performance more dynamic and efficient. In addition, automation eliminates time-consuming tasks and encompasses all the wonders of AI. AI will increase an enterprise’s analytic capabilities while also reducing the risk of human error, making a business more efficient and reallocating human resources to where they are most needed. Automation will also identify deficiencies that can be corrected through actionable, formalized procedures. Thus, leading to a more secure environment and therefore optimizing the decision-making process.
A combination of zero-trust approach, automation and spend intelligence will strengthen cybersecurity infrastructures, optimize the asset performance, and significantly reduce costs. These solutions offer the most efficient and cost-effective way to secure the everywhere workplace, which is the future of work.
Nigel Seddon serves as Vice President of EMEA West at Ivanti, the automation platform that helps make every IT connection smarter and more secure. Nigel has been with Ivanti for more than 10 years and has held the position of VP of EMEA West since 2016, managing Ivanti’s sales team across UK, Middle East and Africa. Previous to his time at Ivanti, Nigel worked with a variety of Enterprise Hardware and software companies in several managerial and directorial positions bringing over a decade of experience and success to Ivanti. Nigel is highly skilled in Sales, Partner Relationship Management, Go-to-market Strategy, Professional Services and Management.