
Cybersecurity Mesh

Abstract

For this research on cybersecurity mesh, we will focus on several journal papers and articles on Cybersecurity. This research will proceed thematically, from the start of the COVID-19 pandemic, when remote working had just started, to the impact of COVID-19 on the cybersecurity field and the creation of the Cybersecurity Mesh trend. This trend started because of the need to work from a remote location. Organizations need to push digital transformation so that staff in a remote location can do their work. It sounds easy, but organizations need to have a platform or method for this. Businesses and organizations must adapt how they operate daily when staff work from a remote location or home. Most organizations often neglect the seriousness of the matter. The reputational, operational, legal, and compliance implications could increase the cybersecurity risks to the organization. Examples of cyberattacks during the pandemic are the flow control attack, injection attack, information leakage attack and Denial of Service (DoS) attack. In traditional Cybersecurity, all of these can be avoided as the user and the assets are all within a specific perimeter, as mentioned earlier in this paper. But when working remotely, the employee or user is exposed to working-from-home cyberthreats. A significant issue here is the network used by the user. A home network is an unsecured network: it has only the essential security features installed by the service provider. Is the user's antivirus software installed and updated regularly? Is there a firewall installed in this home or location? All these questions need to be addressed to get the overview needed to determine the risk faced when implementing working from home or from a remote location.
TMF6044 – ICT Infrastructure Mohammad Ekmal Bin Osman 20030490
Cyber Risk Management is to look at what could go wrong and then decide on the best ways to
prevent or minimize these potential problems. Nowadays, it is becoming an increasingly important
activity within private and government sectors and organizations that want to be free from threats,
and more specifically for Cybersecurity in today's age. Every day we face risk when we step out of
our home, but how we meet the wager determines the risk. How we handle or solve the trouble is a
crucial step, and we need a guide on overcoming the issue. We all carry out informal risk management
numerous times in a day without even realizing it, and the same holds for Cybersecurity. Before
discussing Cybersecurity, let us clear up the confusion between Cybersecurity, cyber threats and
cyber risk. What is the difference between these concepts, and what defines an organization's cyber
risk posture, internal security posture, and the exploitability of threats in the context of
organizational risk? What defines cyber risk? Cyber risk comprises many factors, including
compliance posture, threats, vulnerabilities, reachability, and business criticality. In layman's
terms, cyber risk is the risk of financial loss, disruption, or damage to an organization's
reputation from some failure of its information technology systems.
On 19 October 2020, Gartner released a document titled "Gartner Top Strategic Technology
Trends for 2021". This document lists the top strategic technology trends for the year; Gartner
mentions nine new trends, and one of them is Cybersecurity Mesh. The trend started due to the
COVID-19 pandemic, which has increased the need to work from home. This situation has created a
haven for cyber attackers and a nightmare for organizations, especially for network managers and
security managers. Before the pandemic hit us at the end of 2019, we perceived Cybersecurity as
securing or building a perimeter around the organization's infrastructure: the office building,
the server room, or the data centre. With this solution, we are heavily dependent on the hardware
side of Cybersecurity to secure the back end of the data centre, such as using a firewall to
secure and monitor the network, together with software that monitors network activity and
antivirus that protects servers, desktops, and laptops from virus attacks. But when laptops,
mobile devices and the Internet of Things (IoT) started to be used in organizations, there was
little change in the policies and in how Cybersecurity is checked or monitored, as the user would
be coming back to the office to do the work. Then the pandemic hit, and organizations needed
staff to work from home, which has brought new challenges and problems.
All over the world, the pandemic has impacted how we work today. Working from a remote
location or home is the new norm. With users on laptops and mobile devices on the go, all the
rules of engagement need to be updated to accommodate this. Policy-based security needs to be
extended to assets outside the organization. We then need to check the organization's view on
employees using personal laptops to access the systems and servers. Bring your own device (BYOD)
policies also need to be looked at, as these assets are not the organization's own, and we do not
know the hardware or whether malicious software has already infected the machines. When this
happens, it creates a new opportunity for hackers to gain sensitive data from an organization. As
we move forward into this new norm, Cybersecurity has evolved into what Gartner calls
"Cybersecurity Mesh". But what is Cybersecurity Mesh?
Cybersecurity Mesh is an approach that helps an organization meet the digital age, in which the
pandemic has caused a shift in how we work. Remote working, using laptops and mobile devices so
that the organization can still do its business, has accelerated the digitalization of work.
Hence security needs to keep pace with these rapid changes. Cybersecurity mesh uses a distributed
architectural approach to provide scalable, flexible, and reliable cybersecurity control. As
assets and devices are now at remote locations or outside the traditional site, we need a control
mechanism to secure user access to the systems and the sensitive data. This will enable any
person or thing to securely access the data remotely while still providing the necessary
security, and will give peace of mind to the stakeholders (Posts & Network, 2021). In America and
Europe, working remotely is already a regular working style. Still, at some point, staff will
come back to the office to finish up work and submit reports, find physical information, or meet
with stakeholders.
For this research on cybersecurity mesh, we will focus on several journal papers and articles on
Cybersecurity. This research will proceed thematically, from the start of the COVID-19 pandemic,
when remote working had just started, to the impact of COVID-19 on the cybersecurity field and
the creation of the Cybersecurity Mesh trend. This trend started because of the need to work from
a remote location. Organizations need to push digital transformation so that staff in a remote
location can do their work. It sounds easy, but organizations need to have a platform or method
for this. Businesses and organizations must adapt how they operate daily when staff work from a
remote location or home. Most organizations often neglect the seriousness of the matter. The
reputational, operational, legal, and compliance implications could increase the cybersecurity
risks to the organization. Examples of cyberattacks during the pandemic are the flow control
attack, injection attack, information leakage attack and Denial of Service (DoS) attack. In
traditional Cybersecurity, all of these can be avoided as the user and the assets are all within
a specific perimeter, as mentioned earlier in this paper. But when working remotely, the employee
or user is exposed to working-from-home cyberthreats. A significant issue here is the network
used by the user. A home network is an unsecured network: it has only the essential security
features installed by the service provider. Is the user's antivirus software installed and
updated regularly? Is there a firewall installed in this home or location? All these questions
need to be addressed to get the overview needed to determine the risk faced when implementing
working from home or from a remote location.
The first paper is titled Security vs Flexibility: Striking a Balance in the Pandemic Era. This
paper describes the cybersecurity threats and challenges faced by employees and employers during
the pandemic lockdown. The COVID-19 pandemic has changed how we do our work. This, in turn,
forced organizations into digital transformation so that the business would not be affected.
These digital transformations have brought new problems and have increased cybersecurity threats
to the organization. We also must understand the balance needed to have the flexibility of
working off-site while having the security to avoid threats (Soni, 2021).
With the digital transformation, the business's aim was that the company could still continue and
staff productivity would not be affected. The problem is that some mechanisms were put in place
without security in focus during development. Most employees are not trained to understand the
cybersecurity landscape. The limited resources available to employees working remotely can make
them forget the need to treat security as part of the work, to safeguard the organization's
information.
Employees must make do with what they have to continue the work at home. Most staff do not have
the technical skill to navigate the internet while avoiding risk. With no skill and a sudden
change of working policies, employees were underprepared, lacking the knowledge and tools to
start working remotely. Some of the tools are mechanisms set in place by the organization; an
example is the virtual private network (VPN), and some employees were forced to install the VPN
on their own laptops. One of the most important things that employees lack is awareness of
Cybersecurity and of how to manage threats in the cyber world.
Companies also face challenges, as top management must scramble to develop new policies to enable
employees to work from home. This creates issues for organizations that are still very
traditional, especially in government, where staff need to be physically in the office to access
the systems. When the organization's Cybersecurity only caters for the perimeter of the company
office, with an intranet-based network for accessing the system, the system cannot be accessed
from home or a remote location. This can be solved using a VPN. Organizations would require
cybersecurity experts to test this method to assess the risk, but this was overlooked due to the
urgency of the matter. Risk also comes from dependency on third-party tools, and using BYOD
devices carries high risk as the organization's experts do not check these devices. Zoom, a video
conference application widely used during the pandemic to conduct meetings, was targeted by
hackers. These are some of the threats faced when working remotely.
When the global shutdown happened during the pandemic, it disturbed the world economy and
affected the cybersecurity infrastructure. We observe that it affected both staff and
organizations, as neither was prepared for this situation. This is the perfect environment for
hackers to attack, as the world is still in a panic and businesses and governments struggle to
provide necessities. The authors highlight that many organizations failed to see that, during the
pandemic, we were not prepared to work remotely and that the technology we currently have does
not support the flexibility the situation requires. Many fake websites popped up for users
looking for information during the lockdown and installed malicious applications onto the user's
machine. The attacks seen during the pandemic are spam emails, malware hidden inside interactive
maps, phishing attacks and, the most popular, ransomware attacks. Most of these attacks are
directed at home users, meaning that employees were attacked during their work. Attackers target
home users because they do not have the proper cybersecurity countermeasures at home compared to
what they have at the office.
The research gathered information from the current situation of the pandemic and from surveys
conducted with organizations and the staff themselves. The researcher also suggests new
mechanisms that organizations can use to be prepared for the latest anticipated cybersecurity
risks. These include a Phishing Detection Engine and an AI-assisted tool to detect and stop users
from entering phishing sites. It works by building a database of websites and blocking them in a
tool installed on the machine, whether BYOD or provided by the organization to the staff. Of
course, having a Resilient Cybersecurity Framework will help in this situation. This will
document how the organization manages threats, its risk appetite level, and how to mitigate the
threats. And finally, staff need a tool to report incidents, a Proper Incident Reporting Tool.
This will help to escalate issues to the cybersecurity team so it can act on them.
The paper's objective is to show that we need to change how Cybersecurity is managed during the
pandemic. This is because the traditional approach, securing the perimeter of the organization,
is not sufficient to cope with the global demand on both the employee and employer side. In this
paper, the author shows how unprepared the employee and employer were during
the lockdown. With no policies and bare minimum hardware for employees to do their work
accessible to the information is hard is most of the information physical copy bull in the
organization servers. An employee with no technical knowledge and lack of cybersecurity experts
has led to increasing attack dependently because we lack knowledge on Cybersecurity.
The authors frequently mention the importance of Cybersecurity. Stakeholders need to acknowledge
it, set up a secure network, and gather experts to manage it. BYOD devices need to be configured
before they are able to access the network or system. Standard and approved remote access
solutions need to be used across all users. The system needs to have multifactor authentication
mechanisms to enable access to the network or application. Session time-outs need to be set to
prevent unauthorized access. A VPN can be used to establish a connection to the organization's
network to access information. The threats that occurred during the pandemic will still linger
after the lockdown. The paper also mentions some techniques that can assist organizations in
managing Cybersecurity to find the balance and flexibility of working remotely.
Adaptability is the key during this troubled time. Cybersecurity needs to adapt to the situation
and try to foresee coming issues. Employees need to be aware that their actions can compromise
the organization if they are not careful in the cyber world. The paper mentions that success in
Cybersecurity is not about eradicating cyber threats or the coronavirus; it is about making sure
that life can go on despite the challenges posed by the cyber threats or the virus. Through
collaboration, employees and employers must safeguard the flexible work arrangements. This paper
shows the start of the lockdown, when working remotely or from home began, and where the problem
starts, as organizations and staff were caught unprepared by the pandemic. It paves the way to a
new trend in Cybersecurity that is the main subject of this research, Cybersecurity Mesh.
The second document is an article called The Impact of COVID-19 on Cybersecurity. The first paper
is more of an introduction to the problem, where organizations and staff need to find the balance
to work remotely. The second shows the impact of COVID-19 on the digital working environment and
how Cybersecurity is affected by the digital transformation. The pandemic forced governments to
impose restrictions on travel and to request that businesses allow their staff to work from home,
increasing our dependence on technology. The article states that cybersecurity cases doubled
during the pandemic, from 100-150 incidents to 350 incidents in Switzerland. This is due to
working at home, which does not have the same level of security and protection as the working
environment (Cyber, 2021).
Hackers additionally use credential stuffing to access employees' credentials, and the stolen
information is then sold to other cybercriminals on the dark web. One of the effects is severe
disruption to organizations that depend on video conferencing platforms, such as small businesses
and organizations with a high volume of meetings. Credential stuffing is a type of cyber-attack
in which hackers use previously stolen username and password credentials to gain access to
different accounts.
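The pattern described above (one source replaying stolen username and password pairs against many accounts) can be looked for in login logs. The following is an added example, not code from the reviewed article; the log format, thresholds and sample lines are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds; tune them against your own login baseline.
WINDOW = timedelta(minutes=5)
MIN_DISTINCT_USERS = 5
MIN_FAILURE_RATIO = 0.8

# Constructed sample log: timestamp, source IP, username, result.
SAMPLE_LOG = """\
2021-03-01T09:00:01 203.0.113.7 alice FAIL
2021-03-01T09:00:03 203.0.113.7 bob FAIL
2021-03-01T09:00:05 203.0.113.7 carol FAIL
2021-03-01T09:00:07 203.0.113.7 erin FAIL
2021-03-01T09:00:09 203.0.113.7 frank FAIL
2021-03-01T09:00:11 203.0.113.7 dave OK
2021-03-01T09:00:13 203.0.113.7 grace FAIL
2021-03-01T09:01:00 198.51.100.20 alice FAIL
2021-03-01T09:01:20 198.51.100.20 alice FAIL
2021-03-01T09:01:45 198.51.100.20 alice OK
2021-03-01T09:02:00 192.0.2.10 henry OK
2021-03-01T09:02:10 192.0.2.10 irene OK
2021-03-01T09:02:20 192.0.2.10 jack OK
2021-03-01T09:02:30 192.0.2.10 kim OK
2021-03-01T09:02:40 192.0.2.10 liam OK
this line is malformed and is skipped
"""


def parse_log(text):
    """Return sorted (time, source, user, success) tuples; skip malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        events.append((ts, parts[1], parts[2], parts[3] == "OK"))
    return sorted(events)


def detect_credential_stuffing(events):
    """Flag sources that try many distinct accounts, mostly failing, inside WINDOW.

    Returns {source: [accounts that logged in successfully from that source]};
    those accounts should be treated as compromised and have passwords reset.
    """
    by_source = defaultdict(list)
    for ts, source, user, ok in events:
        by_source[source].append((ts, user, ok))

    findings = {}
    for source, evs in by_source.items():
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward so it spans at most WINDOW.
            while evs[end][0] - evs[start][0] > WINDOW:
                start += 1
            window = evs[start:end + 1]
            users = {user for _, user, _ in window}
            failures = sum(1 for _, _, ok in window if not ok)
            if (len(users) >= MIN_DISTINCT_USERS
                    and failures / len(window) >= MIN_FAILURE_RATIO):
                findings[source] = sorted({u for _, u, ok in evs if ok})
                break
    return findings


if __name__ == "__main__":
    for src, hit in detect_credential_stuffing(parse_log(SAMPLE_LOG)).items():
        print(f"{src}: credential stuffing suspected, successful logins: {hit}")
```

A single user mistyping a password and a shared office address with many successful logins are both left alone; an attacker who spreads attempts over hours stays under this window and needs a longer-baseline check.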
This article explains the problem COVID-19 poses for Cybersecurity, as most of the solutions,
post-pandemic, are perimeter based. Most of these threats have intensified because of the
opportunities that have arisen during the COVID-19 outbreak. The threat landscape is diverse. It
ranges from high-level nation-funded cyber-attacks, to cybercriminals trying their luck amid the
chaos of poor security and loose policies, to hacktivists fuelling their agenda, and new hackers
or script kiddies testing out a cyberattack. The main reason for this spike in attacks is the lax
security and policy adopted during the pandemic, mainly the BYOD policy, under which staff
laptops or devices are not secured for remote work. This contrasts with corporate-owned
personally enabled (COPE) devices, which have already been checked by security experts; machines
that have been checked by the security experts are less likely to be hacked.
As mentioned in the first paper and in this article, working from home does not guarantee the
same level of cybersecurity; staff are more exposed to cybersecurity threats than when they are
at the office or the organization's headquarters. One of the significant issues in Cybersecurity
is the human factor; humans tend to make mistakes that can lead to dire consequences. The staff
or employees are not to be blamed for all the mistakes; the business organization needs to be
prepared for the cybersecurity risk before working from home begins. Working remotely needs
proper tools and devices that are in place and approved by cybersecurity experts before
organizations implement it. Unfortunately, Cybersecurity has been taking the back seat in
organizations all over the world. Cybersecurity was not always a key priority in the fast
deployment of remote working capabilities. For example, some companies do not check employee
devices for standard security protections such as firewalls, antivirus, and VPN. The objective of
the paper is to recognize the threats faced by employees and employers. In this article, the
author provides examples of how companies and employees can increase their security. Employees
working from home using their personal computers or approved corporate-owned, personally enabled
(COPE) devices should implement essential cybersecurity hygiene practices. These practices
include having antivirus protection on the device; employees need to be trained in cybersecurity
awareness, and organization systems need to have an anti-phishing system. In awareness programs,
employees need to be advised to set strong passwords for their home Wi-Fi, their email account
and their system account. Businesses and organizations need to offer a reliable VPN and only
allow VPN access through their system. Cybersecurity or IT experts need to regularly check the
back end, meaning the servers, to identify weak spots, patch the servers periodically and review
the logs for suspicious logins. The company should periodically evaluate cybersecurity risk
exposure and determine whether existing controls are robust enough; these reviews need to be done
regularly. The cybersecurity frameworks and the business continuity plan need to be updated to
consider cyber-attacks in any scenario.
One of the methods is the zero-trust policy. This article mentions that a zero-trust approach is
a security model where only authenticated and authorized users and devices are permitted access
to the applications and data (Security, 2021). This model challenges the concept of access
granted by default, meaning that only selected staff can access sensitive data. This will reduce
information leaks in an organization. The zero-trust model is so named because no one and nothing
is to be trusted. This is the approach of the research. The zero-trust model ensures that our
equipment, systems and any devices connected to the organization's network access it securely
regardless of location. What is excellent about the zero-trust model is that it adopts a
least-privilege access strategy and enforces strict access control into the organization's
network and systems. The zero-trust approach is very significant to increase Cybersecurity and
reduce the impact. In this way, the paper's suggested approach prevents access to information
that staff should not have and checks whether the identity has been compromised by hackers before
giving access to any data. Next is to inspect and record everything: the system needs to register
and log all incoming and outgoing information, and the log must be reviewed regularly.
The third paper reviewed is called Cyber Security Mesh: What it is and how it can be used in IT
Development? This article defines cybersecurity mesh as a broader concept that involves a broader
network of nodes. It consists of designing and implementing an IT security infrastructure that
does not focus on building a single perimeter around an organization's office or data centre, or
around all the devices or nodes of an IT network, but instead establishes smaller, individual
perimeters. Ideally, a cybersecurity mesh can be viewed as a centralized ICT security policy with
distributed enforcement of that policy. It offers a more robust, flexible, and modular approach
to network security by safeguarding each node. Network managers can allow only the right person
to log in to the system, and can better maintain and keep differentiated levels of access to
different parts of a given network to prevent hackers from exploiting a weakness in the network.
With this cybersecurity mesh, hackers are unable to infect the other nodes linked in the network
(Mesh, 2021).
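The zero-trust checks and the mesh idea of one central policy enforced at every node can be combined in a small decision function. This is an added sketch, not code from the reviewed articles; the resource names, roles, users, node name and the 15-minute time-out are hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

SESSION_TIMEOUT = timedelta(minutes=15)  # assumed time-out value

# Central policy, written once and pushed to every node.
# Resource and role names are hypothetical.
CENTRAL_POLICY = {
    "payroll-db": {"hr"},
    "project-wiki": {"hr", "engineer"},
}


@dataclass
class Device:
    ownership: str              # "BYOD" or "COPE"
    checked_by_security: bool
    antivirus_updated: bool
    firewall_enabled: bool
    vpn_connected: bool


@dataclass
class AccessRequest:
    user: str
    role: str
    mfa_passed: bool
    last_activity: datetime
    device: Device
    resource: str


@dataclass
class NodeEnforcementPoint:
    """Runs at each node: applies the central policy and logs every decision."""
    node: str
    policy: dict
    audit_log: list = field(default_factory=list)

    def decide(self, req, now):
        reasons = []
        allowed_roles = self.policy.get(req.resource)
        if allowed_roles is None:
            # Nothing is granted by default.
            reasons.append("resource not in policy")
        elif req.role not in allowed_roles:
            # Least privilege: the role must be listed for this resource.
            reasons.append("role not permitted")
        if not req.mfa_passed:
            reasons.append("MFA not passed")
        if now - req.last_activity > SESSION_TIMEOUT:
            reasons.append("session timed out")
        dev = req.device
        posture = {
            "device not checked by security team": dev.checked_by_security,
            "antivirus out of date": dev.antivirus_updated,
            "firewall disabled": dev.firewall_enabled,
            "VPN not connected": dev.vpn_connected,
        }
        reasons += [msg for msg, ok in posture.items() if not ok]
        allowed = not reasons
        # Record allows and denials alike so the log can be reviewed.
        self.audit_log.append((now.isoformat(), self.node, req.user, req.resource,
                               "ALLOW" if allowed else "DENY", tuple(reasons)))
        return allowed, reasons


def run_demo():
    """Evaluate five constructed requests at one node."""
    now = datetime(2021, 3, 1, 9, 0)
    recent = now - timedelta(minutes=2)
    healthy = Device("COPE", True, True, True, True)
    unchecked = Device("BYOD", False, True, False, True)
    node = NodeEnforcementPoint("laptop-hr-01", CENTRAL_POLICY)
    requests = [
        AccessRequest("aminah", "hr", True, recent, healthy, "payroll-db"),
        AccessRequest("farid", "engineer", True, recent, healthy, "payroll-db"),
        AccessRequest("farid", "engineer", True, recent, unchecked, "project-wiki"),
        AccessRequest("aminah", "hr", True, now - timedelta(hours=1), healthy, "payroll-db"),
        AccessRequest("aminah", "hr", False, recent, healthy, "finance-share"),
    ]
    return [node.decide(r, now) for r in requests], node.audit_log


if __name__ == "__main__":
    for entry in run_demo()[1]:
        print(entry)
```

Because every node evaluates the same policy against the requester's own identity and device, a compromised engineer laptop still reaches only what the engineer role is listed for.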
The problem is that traditional Cybersecurity was implemented on a perimeter basis, where you try
to secure the organization's network and data centre. Systems were also secured in the
traditional manner, using usernames and passwords to provide access to employees. To implement
the cybersecurity mesh approach, we need to reconfigure or change how we perceive cybersecurity
infrastructure altogether. To solve these issues, the mesh can be developed during the planning
stage of the network and system. It is essential to include the development team to integrate
cybersecurity mesh into the architectural design of the network and the application. The
objective is to establish cybersecurity mesh as a more flexible, robust and modular approach to
network security. This method ensures that each node has its own perimeter, meaning the devices
need to be checked by cybersecurity experts who install the necessary tools such as antivirus,
firewalls, and VPN. The zero-trust model also benefits this environment. It allows IT staff and
network managers to monitor the network and keep differentiated levels of access across the
different parts of a given network. This prevents hackers from exploiting a given node's
weaknesses to access the broader network. If a hacker manages to access a node, the attack is
bound to that node and cannot affect the other nodes. This is the significance of Cybersecurity
Mesh, and why it is ideal for the remote-working environment. In traditional Cybersecurity, if an
attack manages to infiltrate the network, the whole network will be affected, but with
Cybersecurity Mesh only the individual node is involved, in a more isolated incident that is
manageable by the security team.
Summary
As mentioned by Gartner in its top tech trends of 2021 document, cybersecurity mesh is one of the
trends. It is indeed a new trend in Cybersecurity, as the traditional way of securing one's
organization is by putting a very secure perimeter around the organization's network or data
centre. This method cannot protect the new norm of working remotely. In today's world, we cannot
secure in that manner anymore, as most staff work at a remote location or at home. An
organization first needs to acknowledge the need to work from a remote location. By accepting
this, the organization's stakeholders see the importance of this new way of working and address
it by providing the appropriate policies. The balance between working remotely and still having
the required protection from outside threats needs to be included in the guidelines.
Cybersecurity expert advice needs to be considered in this situation, as not listening to it will
cause more harm to the organization's operations. Previously the organization provided all the
necessary equipment and devices for staff to access the systems to do the work. Still, because of
the COVID-19 pandemic, as advised by WHO, it is necessary to work from home with a shortage of
hardware. The COVID-19 pandemic has changed how we navigate the Cybersecurity environment, from
the traditional way of protecting the organization's network and data centre to protecting each
node or staff member connected to the organization's network. This has given rise to the
Cybersecurity Mesh, which uses a Zero-Trust model. This model needs to be adopted, as under it
only authenticated and authorized users and devices are permitted access to the applications and
data. This method will increase the security of the nodes, as only the right person can access
the sensitive information. The cybersecurity framework needs to include the cybersecurity mesh,
as it is more flexible and robust in safeguarding each of the nodes. But what are the benefits of
implementing Cybersecurity Mesh in an organization? It gives rise to managed security service
providers, which focus on delivering solutions with an integrated approach to the problem. As
working remotely requires the user to access systems from home, it is hard to differentiate the
attacker from the user. Cybersecurity mesh will implement a new way to identify the user, using
tools to address common weaknesses in distinguishing the user from an attacker. This may include
using AI to observe the user's patterns to determine their identity. All BYOD and COPE devices
need to undergo regular checks by the security team to prevent any malicious application from
being installed on the machines. Employees also need to raise their awareness of cybersecurity
threats, as the human factor is the weakest link in the security chain. With proper tools,
infrastructure and enabling policies, cybersecurity mesh will help to increase cybersecurity
effectiveness and become standard in all cybersecurity frameworks.
Youtube Link on Video Presentation: https://youtu.be/V-j5KJVWyTM
References
Cyber, N. (2021). Impact of COVID-19 on Cybersecurity. 1–7.
Mesh, C. (2021). Cybersecurity Mesh: What is it and how can it be used in IT Development?
Cybersecurity Mesh: Definition. 4–6.
Posts, R., & Network, N. (2021). What is Cybersecurity Mesh? What is Cybersecurity. 1–10.
Security, Z. T. (2021). What is the Zero Trust Security model? How to implement this strategy
with SealPath? What is the Zero Trust model? 1–17.
Soni, V. (2021). Security vs. Flexibility: Striking a Balance in the Pandemic Era.
https://doi.org/10.1109/ANTS50601.2020.9342779
Strategy, S., Architecture, S., Recovery, D., Response, I., & Security, I. (2020). Cyber Risk,
Cyber Threats, and Cyber Security: Synonyms or Oxymorons? 2–3.