Today’s forecast: Nothing but Grey Clouds

So, we are finally in the era of borderless networks and 90%+ using VPN and working from remote locations most likely residential homes. How does the user know when work/business activity is separate from private/personal? How does the enterprise know or control this separation?  We are now dependent on cloud services; how do you enforce data classification; data leakage or audit activities.

Today’s High Level Targets are sat comfortably in their home office or more often on their dining table with a laptop protected by a domestic router with default security settings.

If EasyJet’s breach from 17th October 2019 and 4th March 2020 has only just been revealed to us, how long would it take to even detect, treat and reveal the breach of a high-level target in their home?

Oh wait, we are all high-level targets now.

Doesn’t take long for everything to go to s*&t