cybercrime grew by 69 percent in 2020, totaling nearly 792,000 complaints and resulting in $4.1 billion in losses. To complicate matters, the rush to at-home work meant a similarly proliferated attack surface for cybercriminals to exploit. Companies can no longer be content to secure a single corporate network against malware strikes; they now must account for potential entry points that are opened up each time a remote staffer accesses assets. After all, as A10 noted, the organization’s security “will only be as secure as the home networks they are on.” As a result, CSPs have had to reallocate network capacity, scale up in some locations and increase overall headcount to better meet demand and improve network security coverage. Revived Focus on Sound Security Policy As seen with this year’s Colonial Pipeline breach, conventional security practices mostly fail when they are overlooked. “Password theft started so many breaches,” said Corey Nachreiner, chief security officer of WatchGuard. “The Colonial Pipeline’s ransomware started with a lost password. Some of the managed service provider attacks that happened before the latest zero-day started with lost passwords. Just having something as simple as enterprise-wide MFA (multi-factor authentication), you kind of block the initial vector to lots of these attacks.” This need for improved end-user awareness via passwords, MFA and even cybersecurity education services is reinforced by A10, which indicated that CSPs widely believe corporate customers need firm MSP policy (47 percent) and bringyour-own-device (BYOD) best practices (42 percent). These statistics are also amplified by an observed 56 percent demand increase in online platforms and portals that support subscriber self service. Increased Need for DDoS Investments Unparalleled increases in targeted malware and ransomware attacks this year only underscore the need for solid, granular, customer-level distributed denial-of-service (DDoS) mitigation by the telco provider. In all, 45 percent of CSPs believe DDoS software needs to be a top priority, with 43 percent calling it the “most important investment” a provider can make in fending off cybercrime. Other traditionally “high-priority” CSP security investments include upgraded firewalls, security appliances and mitigation software. Growing 5G and Multi-Cloud Concern Security investment issues are only compounded by the rapid proliferation of 5G and cloud services. For example, as companies’ operations continue to evolve with time, so too do their purchasing strategies. According to the CSPs surveyed by A10, as much as 58 percent of customers tend to promote resiliency by distributing internet workloads and traffic across a conventional telecom provider and non-telecom cloud service. With the fragmented worker base increasingly embracing these types of technology, today’s service provider must match security service levels to maintain its customer base. Top concerns cited by CSPs include preventing outages (48 percent), maintaining regulatory compliance (44 percent) and achieving consistent subscriber services (41 percent). As a result, A10 noted that more than half of providers have updated their solutions set to address new need for both security (52 percent) and public cloud services (50 percent). Sure, COVID-19 has had a likely permanent impact on today’s business world, changing not just most operations but the solutions offered by the very service providers that support everything that they do. With new challenges in security, however, come opportunities for new developments. And in today’s world, those occasions allow us to see just how far we have come. o What, if any, security challenges are your enterprise customers/subscribers facing if they are supporting an increasing number of employees working remotely? Source: A10 Networks Source: Gartner Timeline indicates when to begin. They need to offer better security to their employees for their remote network and endpoints to ensure that they protect againt increasing cyber attacks They need to revise their employees cybersecurity training program to reflect the hybrid cloud environment They need to roll out multi-factor authentication to their workforce to enhance security They need to update their BYOD policies to make sure that security is robust They need to ensure that employees have adequate local network access from their remote location N/A there are no security challenges my enterprise customers/subscribers face by supporting increasing number of employees working remotely N/A my enterprise customers/subscribers are not supporting an increasing number of employees working remotely 0% 60 50 40 30 20 10 0 55% 55% 47% 42% 21% 1% 0% 14 THE CHANNEL MANAGER’S PLAYBOOK