0:00
/
Generate transcript
A transcript unlocks clips, previews, and editing.

Ask Me Anything Cyber: Your VPN just became attackers' front door

A recording from CyberMaterial's live video


Missed the live session?

Watch it here!!!

For years, Virtual Private Networks (VPNs) have been the go-to solution for securing remote access. Whether employees were working from home, traveling, or connecting from a coffee shop, VPNs promised a simple solution: encrypt traffic, establish a secure tunnel, and safely connect users to corporate resources.

But today’s enterprise environment looks very different.

Organizations have embraced cloud computing, hybrid work, Software-as-a-Service (SaaS) applications, and globally distributed teams. At the same time, cybercriminals have shifted their focus toward identity, credentials, and remote access infrastructure. As a result, VPNs—once considered a cornerstone of enterprise security—have increasingly become attractive targets for attackers.

That raises an important question:

What happens when the tool designed to protect your network becomes part of the attack surface?

That was the focus of the latest Ask Me Anything Cyber, where we welcomed Julia Kushnir, CEO of Spiral Networks, to discuss the evolution of secure connectivity, the limitations of traditional VPNs, and what modern organizations should consider as they rethink remote access.

The Reality Behind VPN Security

VPNs continue to serve an important purpose. They encrypt communications between users and corporate networks, helping protect data in transit over untrusted networks.

However, encryption alone doesn’t solve today’s security challenges.

Modern attacks increasingly target the authentication process, compromised credentials, vulnerable VPN appliances, and improperly configured remote access infrastructure. Once attackers gain access through a trusted VPN connection, they often inherit the same network privileges as legitimate users, allowing them to move laterally, escalate privileges, and access sensitive systems.

Rather than breaking encryption, attackers frequently exploit the systems surrounding it.

The Expanding Attack Surface

The shift to hybrid work has fundamentally changed how organizations think about security.

Employees now connect from personal devices, managed laptops, mobile phones, and locations around the world. Critical business applications reside across multiple cloud providers and SaaS platforms rather than inside a single corporate data center.

This distributed environment makes it increasingly difficult to rely on a traditional network perimeter.

Instead of defending a clearly defined boundary, security teams must protect identities, devices, applications, and data wherever they reside.

Why Identity Matters More Than Ever

One of the recurring themes throughout the discussion was the growing importance of identity.

Many security professionals now describe identity as the “new perimeter.” Rather than automatically trusting users after a successful VPN connection, organizations are increasingly adopting approaches that continuously verify users, devices, and context throughout a session.

Questions such as:

  • Is this the expected user?

  • Is the device healthy?

  • Is the login location unusual?

  • Does the user actually need access to this application?

have become just as important as encrypting network traffic.

AI: Helping Both Attackers and Defenders

Artificial intelligence is reshaping both sides of cybersecurity.

Attackers are using AI to craft more convincing phishing campaigns, automate reconnaissance, identify exposed infrastructure, and accelerate credential theft.

Defenders, however, are leveraging AI to analyze user behavior, detect anomalous access patterns, identify compromised accounts, and respond to threats much faster than traditional rule-based systems.

Rather than replacing existing security controls, AI is becoming an important layer that helps organizations make more informed access decisions in real time.

Rethinking Remote Access

One of the key takeaways from the conversation is that organizations should no longer think of remote access simply as a connectivity challenge.

Instead, it has become an identity and risk management challenge.

Modern security strategies increasingly focus on:

  • Least-privilege access

  • Continuous authentication and verification

  • Identity-aware access controls

  • Device trust and posture validation

  • Application-specific access instead of broad network access

These approaches reduce unnecessary exposure while still allowing employees to work securely from anywhere.

Looking Ahead

VPNs are unlikely to disappear overnight. Many organizations will continue relying on them for years to come.

The bigger question is how VPNs fit into a modern security architecture.

As enterprises continue adopting cloud services, embracing hybrid work, and defending against increasingly sophisticated attacks, organizations must evaluate whether extending the corporate network remains the best model—or whether secure access should be built around identity, context, and continuous verification.

Remote work is here to stay. Attackers continue to evolve.

The way organizations think about secure access must evolve as well.



Stay tuned for future episodes of Ask Me Anything Cyber, where we continue bringing together cybersecurity leaders, innovators, and experts to discuss the technologies, threats, and trends shaping the future of cyber defense.



Get more from CyberMaterial in the Substack app
Available for iOS and Android

Discussion about this video

User's avatar

Ready for more?