AT&T Cybersecurity Insights Report: Securing the Edge – Available today

Read Time:7 Minute, 55 Second

The data is in, the analysis is done, and the eleventh edition of the AT&T Cybersecurity Insights™ Report: Securing the Edge is ready for you!

We know cybersecurity is a journey and not a destination, that is why each year we look forward to the publication of this report, a guide to help you on your journey to cybersecurity resiliency.

Since the ninth edition of this report, we examined what it means to safeguard your digital assets in a new compute paradigm underpinned by 5G and edge. I encourage you to read the previous two reports – AT&T Cybersecurity Insights Report: Security at the Speed of 5G and AT&T Cybersecurity Insights Report: 5G and the Journey to the Edge along with this new report to gain an understanding of the necessarily increasing role of cybersecurity in organizations of all types and sizes.

Before I highlight some of the key findings from our current report, here are some demographic elements to help set context.

This report is a vendor-neutral thought leadership piece that:

Offers quantitative analysis – a global survey of 1,520 professionals in security, IT, and line of business
Delivers qualitative analysis – subject matter expert interviews with technical leaders across the cybersecurity industry
Focuses on common edge use cases in six vertical industries – healthcare, retail, finance, manufacturing, energy, and U.S. public sector
Presents actionable advice for securing the edge
Examines cybersecurity and the broader edge ecosystem of networking, service providers, and top use cases

Securing the edge

Let’s examine some of the key findings of the report. A great place to start is with the title of the report – AT&T Cybersecurity Insights Report: Securing the Edge. The first question most readers posit is “what do you mean by “edge””? Our research shows that edge means different things to different people. This is analogous to early days of the cloud when there was little consensus on the definition of the cloud, however, there were common characteristics that helped identify the cloud.

Likewise, we are in that same state of flux in searching for a standard definition of “edge”. While our research finds no standard definition of “edge”, we do have three common characteristics that edge deployments may share. Those common characteristics are:

A distributed model of management, intelligence, and networks
Applications, workloads, and hosting closer to users and digital assets that are generating or consuming the data, which can be on-premises and/or in the cloud
Software defined (which can mean the dominant use of private, public, or hybrid cloud environments; however, this does not rule out on-premises environments)

These common characteristics of edge will serve the industry well as we move to an even further democratized version of computing with an abundance of connected IoT devices that will process enormous amounts of data.

Report goal

At the onset of our research, we wanted to understand three primary things:

What are the most common architectures used in edge networks?
What are the most common use cases of these architectures?
What is the perceived risk and perceived benefit of the common use cases?

We found some surprising and some not so surprising answers to these three broad questions.

Edge deployments have momentum

Our research shows that edge deployments have surprising momentum despite a high concern of “perceived risk” among organizations globally.  Security is a critical success factor for edge initiatives.

More edge network projects are underway—and completed in production—than one might anticipate. Many edge use cases are partially or fully implemented across industries and geographies using diverse network environments and security controls. The line of business sees the necessity and benefit of edge use cases.

Over 40% of the surveyed population are in the mature stage of adoption on specific edge projects, with each vertical industry as follows: 

52% of retail and public sector are in the mature stage
52% of manufacturing are in the mature stage
47% finance are in the mature stage
43% healthcare are in the mature stage
40% energy and utilities are in the mature stage

Globally and across industry use cases, loss prevention in retail and video-based quality inspection in manufacturing have the highest rate of mature stage adoption (59%).

While edge deployments have momentum and we are seeing these in production, there is still a high level of perceived risk and overall impact to the business. Across all vertical industries, survey participants resoundingly told us they believe there is a high likelihood of a cybersecurity attack and a high impact to the organization as a result.

Despite these perceived risks, organizations see the competitive benefit of edge deployments. In our 2021 report, 58% of respondents told us they were adopting 5G and edge technologies to remain competitive.

The high number of edge deployments is encouraging and shows that cybersecurity is no longer an activity performed by a select few. The rapid business and digital transformation of the last two years moved cybersecurity from a being a technical issue to a business enabler and requirement.

We provide deeper analysis of edge deployments, perceived risk factors, and concerns of attack vectors in the report.

Hybrid is the reality

Architectures for edge networks and security controls continue to exist in a hybrid world – on-premises and multi-cloud. According to our survey participants, this hybrid world is a reality for the foreseeable future of at least the next three years and possibly longer.

This hybrid approach is evidenced by how organizations view cybersecurity controls and network functions. Secure access service edge (SASE), which converges network functions and security controls, is top of mind for all vertical industries surveyed.

Our research shows an almost equal split in the number of respondents interested in either deploying an on-premises solution that mirrors the security plus network capabilities (51.9%) and/or deploying a similar solution in the cloud, i.e. SASE (51.3%).

This almost equal approach to on-premises and cloud is typical as new and innovative technologies are introduced to market. Some of this split may also have to do with a perceived readiness and risk appetite of an organization. A more conservative view may take an on-premises approach while organizations with a greater appetite for risk may be willing to go all-in on a cloud approach.

See the full report for a detailed breakdown of on-premises and cloud preferences for network functions, security controls, and network types preferred for edge deployments.

In with the old and in with the new – Legacy security controls still remain

The cost of various security controls vs. effectiveness of those controls is still “in debate.”

More importantly, organizations are adopting new approaches and emerging security solutions, but those same organizations are definitely not finished with legacy controls.

It is very telling that organizations are not yet willing to part with legacy cybersecurity controls. We asked our survey participants about the perceived cost benefit of legacy security controls.

Respondents simply stated that the following were the most cost effective:

Firewall at network edge
Intrusion/threat detection
Network access restrictions device-device
Data leakage monitoring
Password authentication
Application proxy (e.g., secure web gateway, CASB, etc.)

An important mention is that patching is ranked low in terms of cost effectiveness. Patching is reactionary, manual, and time-consuming. Edge deployments require always available networks, ephemeral and high-quality applications, and seamless integration. As organizations look to the future it is likely they will leave manual activities such as patching behind and focus on automation, integration, and real-time alerts for security controls.

The good news with edge deployments is that security is top of mind and on average all industries surveyed expect security to be in the range of 11 – 21% of the total project budget.

We offer up different views of the cost benefit, preferred cybersecurity controls by network and devices, and a look into overall security budgets for edge deployments. This analysis can be extremely helpful as you move forward with ideation, planning, or implementation of your edge deployments.

Removing the silos

We are enthusiastically moving to a world of edge computing. Whether that edge is in your city, your farm, your car, or your home – change is coming. This change calls for a new way of organizations working together – collaborate and communicate cross-functionally, remove artificial barriers to deliver exceptional edge experiences, and challenge old ideas of what security is and how it is implemented.

Edge use cases are abundant, read the AT&T Cybersecurity Insights Report: Securing the Edge to see how very real use cases across industries are.

If you are struggling with how to think about or implement edge deployments, work with a trusted advisor who has experience in this area. A full 65% of our survey participants are working with a third-party for designing and deploying new architectures for edge use cases.

Get the newly released AT&T Cybersecurity Insights Report: Securing the Edge here.

Special thanks

A report of this scope and magnitude comes together through a collaborative effort of leaders in the cybersecurity market. A special thanks to our sponsors for their contributions and guidance on this report.

Akamai
Check Point
Cisco
Digital Defense, by HelpSystems
Fortinet
Juniper Networks
Palo Alto Networks
RedShield
SentinelOne
VMware

One more thing

Join our webcast to learn more about the AT&T Cybersecurity Insights Report: Securing the Edge. We look forward to welcoming you and sharing more highlights of this research. Register here.

Read More

AT&T Cybersecurity Insights Report: Securing the Edge – Available today

Read Time:7 Minute, 55 Second

The data is in, the analysis is done, and the eleventh edition of the AT&T Cybersecurity Insights™ Report: Securing the Edge is ready for you!

We know cybersecurity is a journey and not a destination, that is why each year we look forward to the publication of this report, a guide to help you on your journey to cybersecurity resiliency.

Since the ninth edition of this report, we examined what it means to safeguard your digital assets in a new compute paradigm underpinned by 5G and edge. I encourage you to read the previous two reports – AT&T Cybersecurity Insights Report: Security at the Speed of 5G and AT&T Cybersecurity Insights Report: 5G and the Journey to the Edge along with this new report to gain an understanding of the necessarily increasing role of cybersecurity in organizations of all types and sizes.

Before I highlight some of the key findings from our current report, here are some demographic elements to help set context.

This report is a vendor-neutral thought leadership piece that:

Offers quantitative analysis – a global survey of 1,520 professionals in security, IT, and line of business
Delivers qualitative analysis – subject matter expert interviews with technical leaders across the cybersecurity industry
Focuses on common edge use cases in six vertical industries – healthcare, retail, finance, manufacturing, energy, and U.S. public sector
Presents actionable advice for securing the edge
Examines cybersecurity and the broader edge ecosystem of networking, service providers, and top use cases

Securing the edge

Let’s examine some of the key findings of the report. A great place to start is with the title of the report – AT&T Cybersecurity Insights Report: Securing the Edge. The first question most readers posit is “what do you mean by “edge””? Our research shows that edge means different things to different people. This is analogous to early days of the cloud when there was little consensus on the definition of the cloud, however, there were common characteristics that helped identify the cloud.

Likewise, we are in that same state of flux in searching for a standard definition of “edge”. While our research finds no standard definition of “edge”, we do have three common characteristics that edge deployments may share. Those common characteristics are:

A distributed model of management, intelligence, and networks
Applications, workloads, and hosting closer to users and digital assets that are generating or consuming the data, which can be on-premises and/or in the cloud
Software defined (which can mean the dominant use of private, public, or hybrid cloud environments; however, this does not rule out on-premises environments)

These common characteristics of edge will serve the industry well as we move to an even further democratized version of computing with an abundance of connected IoT devices that will process enormous amounts of data.

Report goal

At the onset of our research, we wanted to understand three primary things:

What are the most common architectures used in edge networks?
What are the most common use cases of these architectures?
What is the perceived risk and perceived benefit of the common use cases?

We found some surprising and some not so surprising answers to these three broad questions.

Edge deployments have momentum

Our research shows that edge deployments have surprising momentum despite a high concern of “perceived risk” among organizations globally.  Security is a critical success factor for edge initiatives.

More edge network projects are underway—and completed in production—than one might anticipate. Many edge use cases are partially or fully implemented across industries and geographies using diverse network environments and security controls. The line of business sees the necessity and benefit of edge use cases.

Over 40% of the surveyed population are in the mature stage of adoption on specific edge projects, with each vertical industry as follows: 

52% of retail and public sector are in the mature stage
52% of manufacturing are in the mature stage
47% finance are in the mature stage
43% healthcare are in the mature stage
40% energy and utilities are in the mature stage

Globally and across industry use cases, loss prevention in retail and video-based quality inspection in manufacturing have the highest rate of mature stage adoption (59%).

While edge deployments have momentum and we are seeing these in production, there is still a high level of perceived risk and overall impact to the business. Across all vertical industries, survey participants resoundingly told us they believe there is a high likelihood of a cybersecurity attack and a high impact to the organization as a result.

Despite these perceived risks, organizations see the competitive benefit of edge deployments. In our 2021 report, 58% of respondents told us they were adopting 5G and edge technologies to remain competitive.

The high number of edge deployments is encouraging and shows that cybersecurity is no longer an activity performed by a select few. The rapid business and digital transformation of the last two years moved cybersecurity from a being a technical issue to a business enabler and requirement.

We provide deeper analysis of edge deployments, perceived risk factors, and concerns of attack vectors in the report.

Hybrid is the reality

Architectures for edge networks and security controls continue to exist in a hybrid world – on-premises and multi-cloud. According to our survey participants, this hybrid world is a reality for the foreseeable future of at least the next three years and possibly longer.

This hybrid approach is evidenced by how organizations view cybersecurity controls and network functions. Secure access service edge (SASE), which converges network functions and security controls, is top of mind for all vertical industries surveyed.

Our research shows an almost equal split in the number of respondents interested in either deploying an on-premises solution that mirrors the security plus network capabilities (51.9%) and/or deploying a similar solution in the cloud, i.e. SASE (51.3%).

This almost equal approach to on-premises and cloud is typical as new and innovative technologies are introduced to market. Some of this split may also have to do with a perceived readiness and risk appetite of an organization. A more conservative view may take an on-premises approach while organizations with a greater appetite for risk may be willing to go all-in on a cloud approach.

See the full report for a detailed breakdown of on-premises and cloud preferences for network functions, security controls, and network types preferred for edge deployments.

In with the old and in with the new – Legacy security controls still remain

The cost of various security controls vs. effectiveness of those controls is still “in debate.”

More importantly, organizations are adopting new approaches and emerging security solutions, but those same organizations are definitely not finished with legacy controls.

It is very telling that organizations are not yet willing to part with legacy cybersecurity controls. We asked our survey participants about the perceived cost benefit of legacy security controls.

Respondents simply stated that the following were the most cost effective:

Firewall at network edge
Intrusion/threat detection
Network access restrictions device-device
Data leakage monitoring
Password authentication
Application proxy (e.g., secure web gateway, CASB, etc.)

An important mention is that patching is ranked low in terms of cost effectiveness. Patching is reactionary, manual, and time-consuming. Edge deployments require always available networks, ephemeral and high-quality applications, and seamless integration. As organizations look to the future it is likely they will leave manual activities such as patching behind and focus on automation, integration, and real-time alerts for security controls.

The good news with edge deployments is that security is top of mind and on average all industries surveyed expect security to be in the range of 11 – 21% of the total project budget.

We offer up different views of the cost benefit, preferred cybersecurity controls by network and devices, and a look into overall security budgets for edge deployments. This analysis can be extremely helpful as you move forward with ideation, planning, or implementation of your edge deployments.

Removing the silos

We are enthusiastically moving to a world of edge computing. Whether that edge is in your city, your farm, your car, or your home – change is coming. This change calls for a new way of organizations working together – collaborate and communicate cross-functionally, remove artificial barriers to deliver exceptional edge experiences, and challenge old ideas of what security is and how it is implemented.

Edge use cases are abundant, read the AT&T Cybersecurity Insights Report: Securing the Edge to see how very real use cases across industries are.

If you are struggling with how to think about or implement edge deployments, work with a trusted advisor who has experience in this area. A full 65% of our survey participants are working with a third-party for designing and deploying new architectures for edge use cases.

Get the newly released AT&T Cybersecurity Insights Report: Securing the Edge here.

Special thanks

A report of this scope and magnitude comes together through a collaborative effort of leaders in the cybersecurity market. A special thanks to our sponsors for their contributions and guidance on this report.

Akamai
Check Point
Cisco
Digital Defense, by HelpSystems
Fortinet
Juniper Networks
Palo Alto Networks
RedShield
SentinelOne
VMware

One more thing

Join our webcast to learn more about the AT&T Cybersecurity Insights Report: Securing the Edge. We look forward to welcoming you and sharing more highlights of this research. Register here.

Read More

Experts Call for More Open Security Culture After VW Sacking

Read Time:1 Minute, 35 Second

Experts Call for More Open Security Culture After VW Sacking

Security experts have stood up for cybersecurity whistleblowers after a report on Monday claimed a senior employee at a well-known carmaker was fired after raising concerns about fraud.

The Volkswagen staffer was dismissed weeks after raising the alarm about possible vulnerabilities in the company’s payments platform, Volkswagen Payments SA, which JP Morgan bought a 75% stake in back in September 2021.

That same month, the VW employee told managers they were concerned about a potential “fraud event” that had recently taken place, and suggested the need for internal “kill switches” to limit the damage from such events, according to the FT.

After hiring a law firm to look into the concerns, the world’s second largest vehicle-maker reportedly said the information provided was “irrelevant,” and the employee “was terminated due to fundamental differences in the way we work together.”

Jamie Akhtar, CEO & co-founder of CyberSmart argued that business of all types should do more to foster an open culture where employees can raise cybersecurity concerns.

“A huge proportion of successful cyber-attacks stem from some form of human error and the best way to counter this is by staff feeling comfortable in raising concerns or asking questions,” he added. “After all, you never know who in your business might spot that something isn’t quite right.”

Outpost24 CSO, Martin Jartelius, said that most firms have a fraud prevention and whistleblower system to root out wrongdoing.

“If a member of a team believes something is a risk, it’s important to investigate and escalate according to your process and making your decision based on the facts,” he added.

Volkswagen does indeed have such a system, having established an internal Together4Integrity program to encourage reporting following a 2015 diesel emissions scandal. That makes it doubly perplexing why the individual was ultimately fired.

Read More

Experts Call for More Open Security Culture After VW Sacking

Read Time:1 Minute, 35 Second

Experts Call for More Open Security Culture After VW Sacking

Security experts have stood up for cybersecurity whistleblowers after a report on Monday claimed a senior employee at a well-known carmaker was fired after raising concerns about fraud.

The Volkswagen staffer was dismissed weeks after raising the alarm about possible vulnerabilities in the company’s payments platform, Volkswagen Payments SA, which JP Morgan bought a 75% stake in back in September 2021.

That same month, the VW employee told managers they were concerned about a potential “fraud event” that had recently taken place, and suggested the need for internal “kill switches” to limit the damage from such events, according to the FT.

After hiring a law firm to look into the concerns, the world’s second largest vehicle-maker reportedly said the information provided was “irrelevant,” and the employee “was terminated due to fundamental differences in the way we work together.”

Jamie Akhtar, CEO & co-founder of CyberSmart argued that business of all types should do more to foster an open culture where employees can raise cybersecurity concerns.

“A huge proportion of successful cyber-attacks stem from some form of human error and the best way to counter this is by staff feeling comfortable in raising concerns or asking questions,” he added. “After all, you never know who in your business might spot that something isn’t quite right.”

Outpost24 CSO, Martin Jartelius, said that most firms have a fraud prevention and whistleblower system to root out wrongdoing.

“If a member of a team believes something is a risk, it’s important to investigate and escalate according to your process and making your decision based on the facts,” he added.

Volkswagen does indeed have such a system, having established an internal Together4Integrity program to encourage reporting following a 2015 diesel emissions scandal. That makes it doubly perplexing why the individual was ultimately fired.

Read More

Cyber Essentials Overhauled for New Hybrid Working Era

Read Time:1 Minute, 41 Second

Cyber Essentials Overhauled for New Hybrid Working Era

The UK government has launched a significant set of new requirements for organizations looking to comply with its Cyber Essentials scheme to bring it up to date with the way people live and work today.

Announced late last year, the changes will not impact the scheme’s overall control themes of firewalls, secure configuration, user access control, malware protection and software updates.

However, it has been expanded to address a new set of scenarios brought about by digital transformation and new post-pandemic working patterns.

There’s a new shared responsibility model to ensure organizations can better understand and fulfill their obligations to secure cloud services and infrastructure across SaaS, IaaS and PaaS.

There are also new requirements around home working, which is increasingly the norm for many workers today. This includes expectations about deploying firewall controls to users’ machines and devices.

The program has also been updated to include guidance on which multi-factor authentication (MFA) type to choose for employees, focusing on usability and accessibility.

Backups are not covered because the scheme doesn’t want to “overburden” organizations, even though it strongly recommends a rigorous backup and recovery program.

While the costs associated with Cyber Essentials will remain the same for small and micro companies, a tiered system means larger firms will pay more; now £600 including VAT.

“We still view Cyber Essentials as the minimum standard for cybersecurity in the UK but we also need to ensure it keeps evolving as the threat landscape and technology change. This major update is part of that ongoing regular review, explained “Anne W” of the National Cyber Security Centre (NCSC).

“We are also looking at what other services we can introduce to support Cyber Essentials. This includes providing an advisory service to help organizations that don’t have their own technical support with the practical configuration of their systems, and how to address the security challenges that larger organizations with complex IT estates face to meet the minimum standard.”

Read More

Cyber Essentials Overhauled for New Hybrid Working Era

Read Time:1 Minute, 41 Second

Cyber Essentials Overhauled for New Hybrid Working Era

The UK government has launched a significant set of new requirements for organizations looking to comply with its Cyber Essentials scheme to bring it up to date with the way people live and work today.

Announced late last year, the changes will not impact the scheme’s overall control themes of firewalls, secure configuration, user access control, malware protection and software updates.

However, it has been expanded to address a new set of scenarios brought about by digital transformation and new post-pandemic working patterns.

There’s a new shared responsibility model to ensure organizations can better understand and fulfill their obligations to secure cloud services and infrastructure across SaaS, IaaS and PaaS.

There are also new requirements around home working, which is increasingly the norm for many workers today. This includes expectations about deploying firewall controls to users’ machines and devices.

The program has also been updated to include guidance on which multi-factor authentication (MFA) type to choose for employees, focusing on usability and accessibility.

Backups are not covered because the scheme doesn’t want to “overburden” organizations, even though it strongly recommends a rigorous backup and recovery program.

While the costs associated with Cyber Essentials will remain the same for small and micro companies, a tiered system means larger firms will pay more; now £600 including VAT.

“We still view Cyber Essentials as the minimum standard for cybersecurity in the UK but we also need to ensure it keeps evolving as the threat landscape and technology change. This major update is part of that ongoing regular review, explained “Anne W” of the National Cyber Security Centre (NCSC).

“We are also looking at what other services we can introduce to support Cyber Essentials. This includes providing an advisory service to help organizations that don’t have their own technical support with the practical configuration of their systems, and how to address the security challenges that larger organizations with complex IT estates face to meet the minimum standard.”

Read More

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft’s Patch Tuesday blunder

Read Time:34 Second

The past few weeks left IT professionals overwhelmed as organizations scrambled to assess if they were vulnerable to threats posed by the Log4Shell vulnerability. As if that weren’t enough of a challenge over the holidays, more Log4j CVEs followed, not all of which deserved equal attention.

And Microsoft’s January Patch Tuesday flaws caused even more confusion, with the first batch of updates breaking functionality, forcing another round of updates.

Such is the predicament often faced by IT and cybersecurity professionals: Figuring out which vulnerabilities are most critical and deserve immediate attention, what can wait, and when to trust and apply an update.

To read this article in full, please click here

Read More

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft’s Patch Tuesday blunder

Read Time:34 Second

The past few weeks left IT professionals overwhelmed as organizations scrambled to assess if they were vulnerable to threats posed by the Log4Shell vulnerability. As if that weren’t enough of a challenge over the holidays, more Log4j CVEs followed, not all of which deserved equal attention.

And Microsoft’s January Patch Tuesday flaws caused even more confusion, with the first batch of updates breaking functionality, forcing another round of updates.

Such is the predicament often faced by IT and cybersecurity professionals: Figuring out which vulnerabilities are most critical and deserve immediate attention, what can wait, and when to trust and apply an update.

To read this article in full, please click here

Read More

Using the NIST Cybersecurity Framework to address organizational risk

Read Time:41 Second

The U.S. federal government has been very active the past year, particularly with the cybersecurity executive order (EO) and associated tasks and goals that have come out of it. One framework and industry source that has been getting increased attention is the NIST Cybersecurity Framework (CSF).

The CSF came out of another EO, 13636, which is from 2013 and directed NIST to work with stakeholders to develop a voluntary framework for reducing risk to critical infrastructure. It was produced through coordinated efforts with industry and government, which have both widely adopted the framework.

Here’s how the CSF is composed, how aspects of it can help meet some of the recent cybersecurity EO objectives, and how any organization can use it to better map risk to threats.

To read this article in full, please click here

Read More

Using the NIST Cybersecurity Framework to address organizational risk

Read Time:41 Second

The U.S. federal government has been very active the past year, particularly with the cybersecurity executive order (EO) and associated tasks and goals that have come out of it. One framework and industry source that has been getting increased attention is the NIST Cybersecurity Framework (CSF).

The CSF came out of another EO, 13636, which is from 2013 and directed NIST to work with stakeholders to develop a voluntary framework for reducing risk to critical infrastructure. It was produced through coordinated efforts with industry and government, which have both widely adopted the framework.

Here’s how the CSF is composed, how aspects of it can help meet some of the recent cybersecurity EO objectives, and how any organization can use it to better map risk to threats.

To read this article in full, please click here

Read More