When a presidential executive order recommends zero trust
as a de facto cyber defense strategy, it is time to take heed…The concept of Zero Trust security has been around for a decade, but following the Biden administration’s Executive Order emphasizing the use of capabilities such as endpoint detection and response (EDR) and zero trust, it appears the time for such cyber defenses is now.
In the past, like many things in the industry, zero trust was a concept that was distorted. For years, vendors had tried to redefine the paradigm to align with their existing product capabilities. However, zero trust is not a point solution.
Zero trust is fundamentally dynamic and requires a modern approach to security to be effective. Point products and best-of-suite cybersecurity solutions can no longer keep up in today’s cyber risk environments.
Customers should not be required to rip and replace their investments every time a new threat comes along. What they need is best-of-platform cybersecurity offerings that work well together and reduce staffing requirements, with each vendor focused on their respective core competencies. Constant innovation is required to continually extend protections across users, applications and devices that remains relevant in today’s ever-changing cyber landscape.
Back to the present
Many of the security problems that plague organizations today actually have not changed much in the last few decades. Weak/shared passwords, misconfigurations and vulnerabilities are problems that have tormented the industry for years and persist to this day.
What has changed is the speed and sophistication at which today’s adversaries can weaponize these weaknesses. Also, as organizations stack IT systems on top of each other, explore avenues for workloads and applications in the Cloud and continue to accelerate digital transformation without considering the security implications—attack surfaces have been expanded for adversaries to exploit.
In addition, there still exists a misperception that stopping malware means stopping the breach. It is important but not enough, because adversaries are increasingly launching attacks that are malware-free. In our own research, 62% of all attacks studied were malware-free and featured hands-on-keyboard activity by the adversary. Today’s attackers are adept at exploiting stolen user credentials and identities to bypass legacy defenses, move laterally across infrastructure, abuse systems and execute their attacks.
This gives zero trust security strategies even more relevance now, for securing infrastructure and data in today’s enterprises. However, the industry will need to make significant strides toward realizing the promise of zero trust.
Implementing zero trust correctly
Now that all eyes are on zero trust, the industry has to ensure that there will always be best-in-breed technology that work together and protect customers from today’s and future threats.
We firmly believe that correctly implementing zero trust measures will help to address the sophisticated threats impacting just about every industry, and that it is better to move early rather than after it is too late.
What this means is that firms should be looking to work with cybersecurity partners that have built a robust cloud-based zero trust ecosystem with frictionless integrations. This kind of sophisticated zero trust architecture can best deliver on the modern defence pillars: endpoint and workloads, identity and data. Also worth considering is an “adversary-driven approach” where defenders always think like attackers in order to preempt their tactics, techniques and procedures accurately.
Whether a firm’s IT environment is in the cloud, on legacy premises or a hybrid environment, across any type of technology including legacy systems and unmanaged devices, a properly implemented sophisticated zero trust strategy will reduce friction to users while protecting the expanded attack surfaces of today and tomorrow.