Verify, and keep verifying: The case for a zero trust framework
No one could have foreseen the tsunami of digital transformation initiatives that were fast-tracked in the wake of a worldwide pandemic. But with 2021 due to see an acceleration of the adoption of distributed working environments, automation, IoT and cloud computing, holes will inevitably appear in organisations' cyber defences.
This will blur what CISOs once knew as a network perimeter. Security teams can no longer take it for granted that workplaces, workloads and workforces are secure. New cybersecurity protocols and solutions must take the place of the cybersecurity norms preceding COVID-19.
A ‘verify, and keep verifying’ approach is a good place to start — in a digitally transformed world and dynamic new environment, static trust can never be assumed. Zero Trust security is at the heart of this mindset.
The emerging security gaps
The risk of compromised credentials shot up in tandem with the rise of remote working last year. Greater reliance was heaped onto cloud services, automation and organisations’ web presence, such as customer portals, retail sites, and supported web applications. Moving from static office environments to dynamic online ones increases the risk footprint of authentication.
According to a Cisco survey, 79% of reported cyber-incidents involved compromised credentials with phishing or brute-force attacks. In aggregate, this means that over half of all breaches can be traced back to a credential-based issue. Compromised credentials are the single cause at the root of most breaches, according to the research.
These attack methods, along with ransomware, crypto-jacking and others, have rendered remote devices challenging to defend: if an organisation does not leverage early detection or continuous verification, once a hacker has been verified and has access, security protocols default to assuming the intruder can be trusted.
Furthermore, this new environment means sophisticated hackers have far more time to plan out a long-term approach and sequence a set of ways to breach the network after their first attack is discovered. That’s leading to second and third wave attacks that can be devastating for an organisation.
Adopting a Zero Trust approach
The changing nature of the threat landscape shows that traditional perimeter security is no longer enough. Environments, infrastructure, applications and operations should be secure by design. This means organisations must subscribe to the concept that security is not absolute, in order to prepare for, prevent, respond, and successfully recover from inevitable breaches without disruption to normal delivery expectations.
Adopting a Zero Trust framework allows organisations to identify and verify each person, device and application attempting to access the infrastructure. No entity is implicitly trusted by default — all must verify using multi-factor authentication, every time. CISOs must also ensure all devices or endpoints are known and accounted for, and are compliant with security policies.
So how do we get there? Effective Zero Trust frameworks incorporate three key attributes: Enforcing policy-based control, greater visibility across your entire environment, and detailed logs and reporting to help detect and respond to threats.
These attributes allow security teams to control devices, the visibility of applications, and where workloads can run through the network.
Zero Trust is a pragmatic and future-proof framework that can help bring effective security across organisations’ architecture. It removes much of the guesswork in protecting infrastructure from all potential threats, and nurtures a cyber-resilient approach and attitude throughout the security team.
By adopting a Zero Trust framework, organisations can go a long way in minimising their business risk.