But in modern networks, those perimeters are ever-shifting. Employees are working remotely, accessing systems and tools through multiple devices. Businesses are moving to the cloud, relying on rapidly proliferating, externally hosted software-as-a-service applications, dynamic microservices, and container-based architectures. The proliferation of Internet of Things (IoT) devices and artificial intelligence means an expanding attack surface that is more difficult to manage than a static network perimeter. These advancements create tremendous opportunities for innovation and growth, but also provide exponentially more potential entry points and opportunities for intrusions and breaches.

“The size and scope of the attack surface has exploded over the past few years,” says Ivan Shefrin, executive director of Comcast Business Managed Security Services. “The IT environment has become much more dynamic, and that makes defending it much more complicated.”

Bad actors, increasingly fueled by AI tools, are attacking with greater frequency and sophistication. Not surprisingly, for Comcast Business security customers, phishing—along with stolen credentials and vulnerabilities in public-facing applications—is the most common pathway for bad actors attempting to gain initial access into business networks, according to the 2024 Comcast Business Cybersecurity Threat Report. Once inside, the report notes, if attackers are able to move unchecked, they could create significant risk to operations and data security.

The combination of changing application architecture, IoT and AI, coupled with intensifying attacks, means breaches should no longer be viewed as a question of if they’ll happen, but when. “Prevention will always be critically important, but regardless of the size of your company, you have to assume intrusions are going to happen and then detect and respond to those attacks once they’ve landed,” Shefrin says. “Assume you’re going to be compromised and prepare accordingly.”

Addressing today’s challenges

As attack surfaces grow more complex, companies must also adhere to more stringent customer- and data-privacy regulations globally, says Maxine Holt, leader of the cybersecurity research group at Omdia. She notes the capacity to manage and protect data effectively—including helping to reduce risk—is increasingly viewed as a crucial enabler of innovation.

Many companies are struggling to keep up with rising demands around security. A recent survey of 900 cybersecurity decision-makers by Omdia found 63% feel the severity of cybersecurity issues has increased over the past two years. One-third said their organizations had experienced several severe security incidents over the past year.

“There are so many vulnerabilities out there that companies know about but don’t have the capacity to address,” Holt says.

Having humans working in tandem with technology to prevent, detect and mitigate cyber events is critical to a robust security framework, Holt says. More advanced technological capabilities provided through managed services, including AI-driven threat detection, are helping ease the burden, bolster existing teams and relieve the skills gap.

When companies can monitor their IT environments across multiple locations—including the cloud and internal networks—security becomes more manageable. “Teams are gathering all of this telemetry and using it to provide more visibility into what’s going on, including detecting and responding to incursions,” she says.

Time is of the essence

The more time threat actors spend undetected in the network, the more damage attacks could cause, whether through data exfiltration, interaction with valid network users, efforts to encrypt or destroy data, or other actions. In its recent threat report, Comcast Business recorded 1 billion data destruction attempts, a tactic that can be used in ransomware attacks. Reduction of “dwell time” inside the network should be a critical goal of modern cybersecurity.

Given the constant threat monitoring this requires and the cyber skills gap many enterprises face, speedy detection can be a challenge. Managed security providers can help companies navigate this new era of cybersecurity, says Shena Seneca Tharnish, vice president of secure networking and cybersecurity solutions at Comcast Business. “Having a partner that can help support your security objectives is very beneficial,” she says. “Most companies aren’t security companies—they need to be focused on their core business, not necessarily growing a larger team of cybersecurity professionals.”

Cloud-based managed detection and response (MDR) services can help organizations continuously monitor their full IT ecosystem, detecting threats in real time and enabling automated mitigation. “It’s incredibly important to have around-the-clock visibility and response,” Seneca Tharnish says.

Boosted by AI-enabled threat detection, MDR is a key component of a “defense-in-depth” security architecture. But businesses should also aim to limit the threat attack surface, adopt strong perimeter defenses and adopt “zero-trust” principles—which require strict verification of every person and device at every access request. All of which encompasses a shift in mindset around the nature of threats and the likelihood of breach.

“No matter how much you spend on people, technology and process, there’s always residual risk,” Shefrin says. “That’s why you need a multilayered approach with perimeter defenses, behavior analysis, and managed detection and response.”

Read the cybersecurity threat report

Originally posted on The Wall Street Journal, https://partners.wsj.com/comcast-business/powering-experiences/a-new-era-in-cybersecurity/