We can all agree, 2020 was unreal in so many aspects of our lives; changing how we functioned at home, and at work in ways we never would have predicted or expected. We all did an incredible job of, within weeks, pivoting to a remote life. In my case, learning to order services and products online – even having groceries delivered was a novel change; and working on video all day, every day, until it became so commonplace that now I host video calls with my family on the weekends to stay in touch are just a couple of the ways I’ve adjusted.
From a business perspective, our customers’ IT teams were asked to deploy and support entire employee workforces to work from home, overnight! We saw shortages in laptops and IT was overwhelmed with requests and demands. Tech Data channel partners worked hard during the second quarter to meet this demand, many having record sales results. They had to quickly shift their offerings, create new services and not only adapt to the new reality created by a global pandemic, but also address their customers’ evolving needs.
At the same time, cyberattacks skyrocketed. In some industries attacks increased as much as 400%. Some of this increase is because cyberattacks have become automated. Hackers are able to go to the dark web, visit a malware merchandising site and purchase automated ransomware attacks for thousands of random IP address and targets. Launching this, of course, adds a massive strain on our networks.
Even before the pandemic began, bad actors were finding new attack surfaces and continuing their assaults on all types of businesses, adapting their strategies, automating many of their attacks, and infusing AI to keep up with expanding targets. Tragically, one such attack turned deadly – according to Security Magazine, a patient was unable to receive lifesaving treatment after hackers disabled Düsseldorf University Hospital’s computer systems with ransomware, ultimately costing the patient her life.
Security Magazine also stated in their article that thankfully, “there is hope for the future. 34% of IT security teams across the globe have shared that they are in the process of implementing a zero-trust security model which can ease many of the challenges presented by a traditional network approach. Additionally, 60% of enterprises will be phasing out of VPNs in favor of zero trust network access by 2023”. This will create a big demand for knowledgeable security professionals at our partners’ businesses to help their customers with this transition.
Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters. Organizations must verify anything and everything trying to connect to its networks/ systems before granting access. Zero Trust utilizes security concepts and threat models that no longer assume that actors, systems or services operating from within the security perimeter should be trusted. Zero Trust conceptual understanding is paramount today, more than ever before, since the Solarwinds Orion Supply Chain attack came to light in December 2020. As we move into 2021, we need to continue to innovate and change the way we approach this rapidly increasing problem. We need to recognize that the work from home trend has evolved into a long-term remote workforce strategy. The legacy enterprise network is now extended to a new environment, the home. These likely unsecured settings bring many new vulnerabilities that we did not encounter at the legacy corporate network level.
Tech Data’s Cyber Range team continues to stay in front of innovation with service offerings like the Remote Home Secure assessments for remote workforces. The Cyber Range team has also developed Zero Trust training to help our partners understand how to work with their customers to implement these new strategies to move away from legacy security architectures to Zero Trust network access.
Brett Scott, Director, Security Training and Enablement at Tech Data, and the head of our Cyber Range, stated, “The Tech Data Cyber Range is a strong supporter of Zero Trust as part of an organization’s digital transformation. Zero Trust principals reflect today’s cybersecurity realities and ensure organizations are in a superior cybersecurity posture.”
In our Zero Trust training, the participants who complete this exercise will become skilled on the core principles of Zero Trust, be able to evaluate and plan for implementing or converting to a Zero Trust framework and most importantly, be able to monitor and deliver analytics of network/system disturbances.