<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2810433&amp;fmt=gif">

Thought. Leadership.

Innovations, investments, strategies and opportunities introduced at the speed of business.

Companies across the globe are playing an instrumental role in addressing COVID-19 by offering their resources, services and expertise to support customers, employees, partners and local communities. Thoma Bravo’s Portfolio Spotlight Series recognizes some of these efforts and initiatives taking place across our portfolio of companies.

Portfolio Spotlight

Today’s Portfolio Spotlight features Kofax, an intelligent automation solutions software provider for digital workflow transformation. Kofax has been helping organizations prepare for the future of work and supporting their digital transformation jou...

Read More »

There are almost twice as many homeworkers as regular workers in the United States today, creating what Stanford Economist, Nicholas Bloom, calls a working-from-home economy. Without the ability to work from home, the U.S. economy could very well have collapsed this year. Bloom has been running surveys since the onset of COVID-19 and these surveys illustrate just how much the world has changed in the past 12 months, radically altering everyday activities from how we work to how we vote. This “New Normal” is highly distributed. Users are logging on from home, using untrusted devices and joining video conferences from whichever device gets the fastest connection. They’re accessing data from the cloud and SaaS platforms through unsecured residential Internet connections that are over-provisioned and buckling from an explosion of traffic.

At the same time, new powerful applications are spun up and spun down on demand, and productivity platforms in the cloud such as Microsoft 365, Google Workspace and Salesforce require persistent, direct connections to users to maintain reliable and consistent experiences. Applications that were never intended to be accessed from outside the office—specifically highly-sensitive financial solutions, HR systems and development tools—have been opened-up for remote access to maintain business continuity in response to new work from home policies.

Unfortunately, security has not kept up
Security teams in the New Normal often lack visibility into, and control of, network traffic, preventing them from effectively monitoring for malicious intent or applying enterprise security policies. Users, their devices, applications and corporate data are therefore unprotected, creating security gaps and blind spots that can put the enterprise at great risk.

Malicious actors know these gaps and have stepped up their game. Credential theft, spear phishing and social engineering are on the rise. Attackers are using publicly available information to impersonate a trusted colleague, family member, vendor or brand, coercing victims to become unintended perpetrators. Insider threats are also increasing as users outside the corporate firewall download proprietary information to use in their next job.

Unfortunately, there’s no silver bullet. Secure Access Service Edge (SASE) is a start, but we’re still years away from a single vendor putting together a comprehensive solution. In the meantime, enterprises need a layered security approach that secures applications, data, devices and users wherever they do business. Security should be embedded throughout the organization and this should be done without adding IT complexity or impacting user productivity.

The keys to secure the New Normal
The fact that there’s no silver bullet is an opportunity, as security and networking vendors are in a race to secure the New Normal. Whoever develops the technology for a comprehensive solution covering the cyber kill chain or is able to put together a consortium of tools from a variety of solutions that improve the layered defense capabilities would have a huge competitive advantage. But where to start? How do companies know which security technologies are essential or supplementary? What are the priorities of today’s chief information security officers (CISOs) and what do users need to remain safe but productive?

5 trends that are shaping the future of the security industry

These are five trends that are shaping the future of the security industry:

1. Users are the biggest threat. Verification holds the key
COVID-19 and its effects didn’t create change out of thin air. It merely accelerated existing digital transformation trends. As a result, existing perimeter security solutions that rely on a detect and respond approach are ill suited to support large numbers of users working outside of the office. According to Hatem Naguib, COO of Barracuda, a provider of cybersecurity solutions in the cloud, users are the new first line of defense.

Attacks often target enterprise users through email and web browsing with the goal of gaining access to an endpoint device. From there, the perpetrator can lay in wait for days, weeks or months—undetected until the time is right to spread to other devices or business systems.

As threat surfaces expand to wherever users log on, whether from a home office, worksite or coffee shop, protecting enterprise systems and data starts at the user level. Awareness training is important, but the success of a cybersecurity program is dependent on zero trust—a strategy that prevents any user, device or application from connecting to the network unless it can be authenticated first.

The way to do this, according to Vijay Takanti, senior vice president of innovation and informatics for Exostar, a secure business collaboration company serving highly-regulated industries, is through a verify and trust model. Organizations, particularly in aerospace, defense, life sciences and healthcare, need to implement strong, multifactor authentication and enforce application and data access privileges. For example, a marketing executive has no business downloading engineering source code, so any attempt by that user to access that data should be prevented.

2. Good hygiene keeps endpoints clean. Automation adds visibility
Enterprise security used to be dependent on establishing and locking down the perimeter. It didn’t matter what users clicked on or downloaded as long as security solutions could monitor all traffic going in and out of the data center and end points could easily be restored if defenses failed. According to Samir Sherif, CISO for Imperva, a provider of cybersecurity solutions that protects data and all paths to it, today’s decentralized users, applications and data have changed that dynamic and brought the basics of security hygiene back to the forefront. Suddenly, endpoint security matters, keeping software patched is crucial and antivirus and antimalware solutions are necessary to stop initial infections at source.

But increasing the number of security barriers can be detrimental too, Sherif warns. Organizations should strive to reduce complexity throughout the security stack by automating many of the labor-intensive, tedious tasks that can bog down security teams. By eliminating the human touch required for password resets and website unblocking requests, organizations can find a way to reduce false positives. Automating security should start with gaining visibility and control over all traffic and truly understanding user behavior.

3. Apps, appliances and the answer to agility
Physical appliances are static, inflexible, and expensive—little more than a bump in the wire. Routing traffic to dedicated boxes doesn’t fit today’s realities. Software is flexible, extensible, immensely scalable and upgrades are instant.

Organizations should embrace a software-based approach to security—especially as modern applications grow more dynamic and run on whatever network infrastructure is available. The ability to deliver security as code allows organizations to apply controls to workloads in real time. This allows user, application and location aware security policies to be applied anywhere, anytime regardless of the underlying infrastructure—even to remote users logging on from home and public WiFi.

4. Certification trumps compliance
Compliance is a critical business function, particularly in highly-regulated industries. If organizations don’t meet regulatory requirements, they could be shut down or precluded from business opportunities until they can prove they can meet those requirements. Accordingly, compliance exists for good reason. However, according to Exostar’s Takanti, simply achieving compliance isn’t enough, because it can lead to a check-the-box mentality that fails to mitigate risk or account for the dynamic threat landscape.

When it comes to security, organizations should implement best practices and processes that reflect a greater degree of maturity. Certifications typically incorporate that all-important process element, which Takanti says allows organizations to avoid the overconfidence that may accompany a snapshot in time, and instead demonstrate an on-going commitment to security that improves resilience against evolving threats. This approach becomes especially critical in a global operating environment that must assimilate fragmented compliance regimes yet maintain the flexibility for how security policies are applied to different regions.

5. Baked-in security
With no perimeter, it’s more important than ever to make sure security is baked into every aspect, system and process throughout the organization. According to Elana Anderson, CMO of Veracode, the largest global provider of application security (AppSec) solutions, this starts at the developer level—ensuring that all apps and integrations are built with security in mind from the outset, identifying potential vulnerabilities well before applications are deployed into production. However, Anderson says this must be done without slowing down development velocity and without impacting business agility.

The key to this, says Anderson, is to implement tools that plug right into the development process, allowing developers to assess and understand security risks of their code as they are coding. Penetration testing is still completed, of course, but practicing secure coding early in the software development lifecycle means it is less likely that defects will turn up later. The key to developer buy-in is an enablement program that shows them the value of integrating security throughout the development process.

This proactive approach can result in more secure and more robust applications while maintaining development cycles. As modern applications grow more dynamic and the ability to define virtually anything in code – including security policy and the configuration of infrastructure – evolves, organizations will have even more ability to ensure the safety of the code and the comprehensive runtime applications that they are delivering.

The security industry is at an inflection point. Recent headlines suggest that organizations and their users, applications and data are not safe from increasingly sophisticated threat actors. The acceleration of digital transformation caused by the COVID-19 global pandemic has only exacerbated blind spots and gaps in enterprises’ security posture. However, therein lies a great opportunity. It’s important that those building-out their security solutions understand key trends that are driving the industry today and tomorrow. Networking and security solution providers are in a race to secure the New Normal, and whoever wins that race will be positioned for long-term success.