[BreachExchange] Why Zero Trust Should Be The Top Security Initiative For 2020
Destry Winant
destry at riskbasedsecurity.com
Mon Feb 3 10:10:26 EST 2020
https://www.forbes.com/sites/forbestechcouncil/2020/01/31/why-zero-trust-should-be-the-top-security-initiative-for-2020/#1e35f9f61c1a
Most organizations consider the start of a new year the ideal time for
establishing important strategic business initiatives. This year,
digital transformation initiatives that integrate technology and cloud
services to automate internal workflow and external collaboration
among customers and partners are among the top priorities across all
industries. These initiatives that further embed the cloud, mobility
and apps into existing processes can create real business value but
also produce great business risk.
Given last year’s poor report card on cyberthreat prevention, the
outlook for this year is not good unless new methods are implemented
as part of a digital transformation initiative’s IT security
framework. According to Risk Based Security, 3,813 breaches were
reported during the first six months of 2019, exposing over 4.1
billion records. On average, this represents roughly 21 breaches every
day. It is evident that new approaches to security need to be
considered.
In my 20 years in cybersecurity, I’ve worked with hundreds of
organizations, supporting their security and threat prevention
initiatives. I've seen how embracing the concept of zero trust
security is a promising move toward changing these statistics. Zero
trust security is uniquely positioned to address the new security
challenges enterprises face.
Ever-Evolving Attack Vectors
The level of sophistication coupled with the volume of cybersecurity
attacks is forcing enterprise IT security personnel into a reactive
position. Today’s hackers are exploiting weaknesses in perimeter-based
legacy IT security infrastructures to penetrate networks that have
been fundamentally changed by mobility and the use of the cloud. Most
enterprise network traffic now moves “north to south,” from endpoints
to the web and cloud. Because companies haven’t caught up with this
new reality, hackers are taking advantage by attacking
dispersed networks with phishing schemes and social engineering-based
attacks. Verizon’s latest Data Breach Investigation Report indicates
phishing attacks and malicious websites accounted for many
malware-based enterprise attacks.
Perimeter Security Needs To Evolve
Migrating business-critical applications to the cloud and making them
accessible from a multitude of devices is changing how hackers think,
and enterprise IT needs to be a step ahead. The need for
anywhere-anytime access to network resources is making enterprise data
more vulnerable. As apps move to the cloud and are accessed by
contractors, partners, employees and BYOD endpoints, the need for
accessibility often clashes with security.
Why Faster Is Possible In Cloud Migration
Many enterprises are discovering that traditional security
infrastructure, such as firewalls and web gateways, is ineffective at
keeping internet-borne threats such as malware and ransomware out. In
addition, these tools are overly complex and costly to configure and
manage. Meanwhile, application access solutions such as VPNs can be
cumbersome for users and difficult to administer and maintain.
Zero Trust Access
To bolster overall organizational security and combat threats
targeting their digital transformation initiatives, many businesses
are beginning to implement tools aligned with zero trust — a security
strategy based on the concept “never trust; always verify.” The goal
is to reduce risk by implementing granular access policies that allow
organizations to control, down to the individual resource level, what
communications are permitted between different access points on the
network. This prevents attackers from entering enterprise
infrastructure — whether in the cloud, on-premises or a mix of both —
and moving laterally.
Many enterprises establish control of access for two critical starting
points on their zero trust security journey. First, they focus on
remote applications because they are the foundation of how many
distributed enterprises operate today. Next, they concentrate on web
access (including email) because it is one of the primary attack
vectors for cyberthreats.
Putting Zero Trust Into Practice
In my experience, there are two technologies that are particularly
helpful to companies embarking on a zero trust security approach:
remote browser isolation (RBI) to secure web and email access, and
software defined perimeter (SDP) to secure and control remote
application access. Let’s take a closer look at both.
The areas that are most susceptible in a company’s IT environment are
web and email access, and they are also the least amenable to control.
How can restrictions necessitated by the zero trust security framework
be applied in these areas without impacting user productivity? Web access
secured by RBI can provide access without increasing security risk.
Only a safe interactive representation of the content is streamed to
the user’s device. If a threat is present on a website, no matter how
sophisticated or stealthy it is, it never reaches the user. Whether
users browse malicious sites directly or reach them by clicking URLs
in phishing emails, web content is never executed directly on their
device, which keeps users out of harm’s way.
For zero trust control of remote application access, implementing an
SDP can vastly improve security and reduce complexity, compared to the
traditional VPN approach. SDP solutions provide secure direct
connections from any device, wherever it is, to any corporate
application, wherever it is. Agentless SDP solutions are provisioned
as cloud services, eliminating the need to deploy or maintain any
appliances in a data center.
SDP solutions provide point-to-point application-level connectivity
between users and applications, based on user identity, ensuring that
a user is connected to a specific application only after they have
been fully authenticated and authorized. This differs fundamentally
from VPNs, which first connect users to the exposed IP address of
applications they are trying to access and then check whether they
should be authorized for further access. SDPs dramatically reduce your
attack surface by hiding the IP addresses to defend your network from
attackers.
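
The difference described above, as an added example that is not part of the original article or any SDP product: a minimal Python model of a broker that reveals an application's address only after authentication and a default-deny policy check, next to a connect-first model in which the address is reachable before any check. All user names, tokens, application names, addresses and function names are hypothetical, constructed for illustration.

```python
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed sample data (hypothetical users, applications, addresses).
USERS = {"alice": "tok-alice", "bob": "tok-bob"}
APPS = {"payroll": "10.0.5.10:443", "wiki": "10.0.5.20:443"}
# Default deny: only (user, application) pairs listed here are permitted.
POLICY = {("alice", "payroll"), ("alice", "wiki"), ("bob", "wiki")}

@dataclass(frozen=True)
class Grant:
    user: str
    app: str
    address: str  # disclosed only after authentication and authorization

def authenticate(user: str, token: str) -> bool:
    expected = USERS.get(user)
    return expected is not None and hmac.compare_digest(expected, token)

def sdp_connect(user: str, token: str, app: str) -> Optional[Grant]:
    """Broker model: verify identity, then policy, then reveal one address."""
    if not authenticate(user, token):
        return None
    if (user, app) not in POLICY or app not in APPS:
        return None  # same answer for "denied" and "no such application"
    return Grant(user, app, APPS[app])

def legacy_connect(user: str, token: str, app: str):
    """Connect-first model: the address is reachable before any check runs."""
    address = APPS.get(app)
    allowed = authenticate(user, token) and (user, app) in POLICY
    return address, allowed

def reachable(user: str, token: str) -> list:
    """Applications a user can obtain a grant for (lateral-movement scope)."""
    return sorted(a for a in APPS if sdp_connect(user, token, a))

if __name__ == "__main__":
    print(sdp_connect("alice", "tok-alice", "payroll"))
    print(sdp_connect("bob", "tok-bob", "payroll"))     # None: not in policy
    print(legacy_connect("bob", "tok-bob", "payroll"))  # address exposed anyway
    print(reachable("bob", "tok-bob"))
```

In the broker model a denied request returns nothing about the application, so an authenticated but unauthorized user cannot enumerate what else exists on the network.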
2020: Zero Trust’s Delivery Date
Enterprises are beginning to embrace zero trust security since it
offers improved security while simultaneously improving flexibility
and reducing complexity. As enterprises develop their 2020 digital
transformation initiatives, a wise move is to directly include zero
trust security, baking in the proactive protection required in this
new decade.