FUTURE
TECHNOLOGY
Taking a proactive
approach to risk
management
Collaboration carries an element of risk, but it can be
addressed by taking a consistent approach to security and
replicating good practices amongst partner companies.
David Higgins, EMEA Technical Director, CyberArk,
talks to Intelligent Tech Channels’ Jess Phillips about
how IT leaders can best adopt a proactive approach to
cybersecurity to reduce their risk management concerns.
David Higgins, EMEA Technical Director, CyberArk
HHow have working practices shifted
to an increase in remote access for
employees and third parties?
Within a few short weeks, ‘business as
usual’ has become anything but. Millions of
workers have shifted to remote work, been
redeployed to focus on evolving business
priorities, or face general uncertainty about
their jobs. As IT teams work around the
clock to execute Business Continuity plans,
cyberattackers have been working just as
hard and fast to exploit weaknesses in these
dynamic and changing environments.
What are the security
implications of this?
As the number of employees working
remotely increases rapidly, providing them
with secure access to company systems,
applications and data from outside their
employer’s corporate network at short
notice can often result in complications.
Remote users requiring access to critical
systems must rely on a combination of
VPNs, MFA and remote access control
solutions in order to authenticate and
access what they need.
How much of a role does access
play in enabling – or
preventing – cyberattacks?
Traditional enterprise identity management
systems and access control solutions,
for example, are typically designed to
authenticate company employees and
corporate-owned devices in controlled
environments. But what we are seeing at the
moment is that a huge and unprecedented
shift for previously office-bound employees
to work from home has meant that IT security
teams have had to adapt quickly to onboard
new applications and services to support
remote work; collaboration tools like Microsoft
Teams, virtual private networks and the like.
Also, employees will, to a degree,
be using their own unsecured personal
devices to connect to corporate assets.
Taken as a whole, these are much less
controlled environments.
And attackers are specifically targeting
this new situation, essentially taking
advantage of what they see as a relatively
easy way of accessing sensitive data.
Collaboration carries
an element of risk, but
it can be addressed
by taking a consistent
approach to security.
32