VPNs can be a conduit for cyber attacks. According to the ‘Cybersecurity Insiders 2024 VPN Risk Report’, 56% of companies experienced at least one cyber attack targeting unpatched VPN vulnerabilities in 2024. Of the 647 IT and security professionals who participated in the survey, 91% were “concerned about the potential for VPNs to compromise IT security environments, and recent breaches highlight the risks of maintaining outdated or unpatched VPN infrastructure.” He answered.
This doesn’t mean VPNs are completely useless. This means that the era of relying on VPN for security is over. “We need to implement new solutions that complement existing solutions,” Balarin emphasized.
Ballarin and other experts recommend adopting multifactor authentication (MFA), certificate-based authentication, and zero trust strategies to replace or supplement VPNs. This strategy provides effective defense in depth even when access to legacy applications is still required.
4. On-premise SIEM
SIEM (Security Information and Event Management) systems, which detect and resolve potential security threats and vulnerabilities before they develop into problems, have become a basic security technology.
But George Gerchow, a professor at IANS Research and interim CISO and trust officer at MongoDB, argued that “on-premise SIEM is no longer a necessary technology and should go away.”
Gechow pointed out that on-premise SIEMs generate too many alerts, adding to alert fatigue. He also added that because these systems do not sufficiently reflect the security requirements related to the cloud, companies face a situation where they have to move and store data at great cost or give up using the data.
He continued, “If you have to pay a huge amount of money for logs, you will only select the most important logs, which ultimately means taking a big security risk. “When an accident occurs, we may not be able to secure the necessary logs, and there is also a possibility that we may not be able to collect logs at all due to cost issues,” he warned.
While Gechow acknowledges that many companies maintain on-premise SIEM because they are reluctant to store sensitive log data in the cloud, he believes that the era of on-premise SIEM is over.
5. Traditional firewall
Firewalls are the earliest cybersecurity technology, dating back to the 1980s. Early versions were packet filters built into routers, blocking traffic based on predefined rules based on source and destination IP addresses, port numbers, and protocols used.
Of course, firewalls have evolved a lot since then, and there are versions suitable for today’s complex digital environment. However, CISOs point out that simple firewalls or older web application firewalls (WAFs) no longer do the job sufficiently.
“Firewalls are not going away completely, but traditional hardware-based assets are dead,” said Stephanie Hagopian, director of physical security and cybersecurity at technology sales and advisory firm CDW. “Firewalls are still necessary, but they are moving from heavy hardware assets to being digitally based.”
Hagopian also explained that typically when CISOs replace legacy and on-premises hardware for the cloud and newer digital technologies, they upgrade to the latest firewalls as part of the refresh cycle. “It’s not just a matter of replacing a switch. New firewalls must be configured, existing hardware must be removed, and team members must learn how to manage the new technology. “We are forced to do this kind of work, which requires effort, during the hardware replacement process,” he added.
dl-itworldkorea@foundryco.com
Source: www.itworld.co.kr
