Security Experts:

Reviving Cybersecurity Innovation with Experience at the Forefront

Take another look at the title of this article. Do you find it to be a surprising statement? Cybersecurity innovation is not quite at the stage where it needs resuscitation, still, the last few months have demonstrated the need for change. As we move forward, the changing workplace environment is certainly building the case for innovation.

At a recent virtual security conference, a session presented by cybersecurity specialist Robert Hannigan discussed changes that have occurred with the move to remote working. He noted many Security Operations Centers are experiencing a drop in the number of alerts, but not because volumes have reduced. Instead, it is because alerts have moved from being visible on the corporate network to invisible on home Wi-Fi.

The bad guys know this and are taking full advantage of the opportunity. Initially, confusion caused by contact tracing applications and COVID packages provided a vehicle for data theft and ransomware – although, this was short-lived and peaked by the end of March. Now, we’re seeing scammers changing direction toward online shoppers and bored home workers who are downloading television shows and movies illegally.

As we move toward a post-pandemic world with remote and in-office work blending, what should organizations be considering in giving the best user experience, meanwhile, maintaining their privacy and ensuring business applications and data remain secure?

Think Differently; Experience Comes First

To answer the above question means a new way of thinking is required. Instead of considering “How many connections?” or “How fast is the throughput?”, start thinking from the user perspective and ask, “Does this improve user experience?” and “What problems could it solve?”. These questions make it easier to break down the challenge and are highly relevant for customers and users.

Experience is a critical, subjective metric. It defines user access, usage and interaction with applications and services. With people now working from home or in offices with social distancing measures in place, this matters even more. Our job has not changed, but how and where has.

A good experience is rewarding for users and will make them more loyal to the applications they use. Without a good experience, it is all too easy for a competitor to lure them away, with a few simple clicks showing the potential of a shinier, more responsive alternative. Think about this in the context of your smartphone. It is likely that you download a couple of new applications every week, looking for a tool to simplify a task. But how long until it proves its worth? If that new app proves to be only shiny on the surface, there’s another version in the App (or Google Play) Store awaiting your attention.

Simplification, Automation and Security

Talking to users and finding out what their experience is will provide a better understanding of what works and what does not. Understanding how they prioritize activities will help you pull this into the context of delivering services and applications for a modern enterprise. 

1. They want to simplify their environment to deliver a slicker customer experience, which can often be achieved simply by maximizing existing investments in technology.

2. They are leveraging data and analytics for automation of tasks, giving time back to the IT team with a focus on innovation rather than management. 

3. They need to secure what they have with effective data usage and automation to ensure consistency and reduce false positives.

Managing Complexity and Consistency

A typical example from customers is the need to reduce complexity and make more from existing investments while overcoming the daily struggles of too many management interfaces, sites and overlapping technologies. The hurdles are not only technical, but also staff-related in ensuring specialists are well-trained in their roles. 

How can things be made simpler? Talk to users and consider ways to streamline activities. Automation rules could help by dynamically changing traffic behavior or routing to make sure that services are correctly prioritized and delivered for users. For more granular but consistent control, multi-tenant options would make a good conversation. It provides role-based management at different levels, reducing individual workloads yet still maintaining overall control of the environment.

The (Remote) Elephant in the Room

So, what about remote users? This area has gained attention, as we’ve seen demand from organizations needing to have their employees work from home. For the IT team, this has meant an increased workload. They have moved from managing a small number of remote users to dealing with hundreds or thousands of remote users acting as ‘micro-branches.’

For many users, the experience at home is not an issue. However, some require access to sensitive data or real-time systems. Those users will be using the same Virtual Private Network (VPN) client as everyone else to achieve this and it is no longer suitable. A VPN punches a big hole in the side of the network, allowing users access but also leaving gaps at the edge for attackers to sneak in.

A better solution is to look at the latest technologies which extend the corporate network into the home, providing the same reliability of working at an office, but with the benefits of management, security and visibility for the IT team. All are ensuring the best and most secure user experience.

How can you Fund the Investment?

Employees have found that working from home is a benefit they enjoy. In fact, many have said that they would either prefer to remain remote or work from home a couple of days a week, even when they can go back to the office.

There is a potential cost saving here, as organizations look to hot-desking and smaller offices as options instead of allocated per-user spaces. Rather than merely putting these savings to the bottom line, why not use them to look at new and innovative ways of improving overall user experience across the business? 

Of course, the business will want proof of the return from any new investment and cybersecurity ROI has always been a challenging topic. That said, the result of the sensible investment will be happy and loyal users, reliable and innovative services, and measurable business and competitive benefits for the organization.

view counter
Laurence Pitt is Global Security Strategy Director at Juniper Networks. He joined Juniper in 2016 and is the security subject matter expert for the corporate marketing team. He has over twenty years of cyber security experience, having started out in systems design and moved through product management in areas from endpoint security to managed networks. In his role at Juniper, he articulates security clearly to business and across the business, creating and having conversations to provoke careful thought about process, policy and solutions. Security throughout the network is a key area where Juniper can help as business moves to the cloud and undertakes the challenge of digital transformation.