A Zero Trust approach to security preempts attacks. It’s not a question of if you get attacked, but instead how you react to one.
Symmetry Systems and Osterman Research recently released a report outlining how organisations plan to deploy a Zero Trust architecture and why.
The research, based on the answers from 125 IT and security decision-makers at mid-size and large organisations, found that 53% of respondents cited high-profile ransomware attacks as their primary motivator for adopting a proactive Zero Trust approach to protect their firms.
Ransomware, along with other evolving threats, has certainly been a driver for adopting Zero Trust, because if it easily spreads across a corporate network unhindered, organisations will find it extremely difficult to get their compromised data back.
In today’s hybrid-cloud environment, users, developers, supply-chain partners and contractors get access to data through a web of static infrastructure and cloud applications.
But legacy control solutions for this data rely on internal developers’ identity access management (IAM) rules and authorisation policies, which find it almost impossible to keep up with the burgeoning number of threats targeting organisations.
According to the Symmetry/Osterman report, an alternative Zero Trust architecture can increase the efficacy of cyber security protection to block data breaches by 144%.
Linked to this is Zero Trust Network Access (ZTNA), which proactively makes sure users only get access to the applications and parts of the network they actually need to do their jobs, so if malware does leak into the network its damage can be restricted and better controlled.
ZTNA technology is primed to locate, manage and quarantine threats like ransomware, curtailing widespread damage to firms’ networks, servers and databases. A Zero Trust approach assumes that every IT user, gadget and data packet on the network is a potential threat, and essentially interrogates them all before allowing them to pass through the network with the right credentials.
Through automation, orchestration and machine learning, ZTNA technology easily allows companies to provide user access tied to micro-segmentation (parts of the network, apps and databases portioned off to specific users). Such network segmentation enables organisations to restrict lateral access through their networks, reduce the attack surface shown to attackers, and effectively quarantine threats like ransomware.
By stopping detected ransomware and other threats from freely spreading across networks, firms can protect data in other parts of the network, and they will have more time to mitigate the malware that has already breached their network.
Up to now, traditional segmentation has been done via an architectural approach – relying on hardware, firewalls and manual work. This can often prove cumbersome and labour intensive. Advanced and usually expensive firewalls used in segmentation have to create and manage thousands of firewall rules, but other multi-vendor resources used by organisations may not be compatible with some of these rules.
Alternatively, modern software-defined segmentation systems overcome such challenges by offering accelerated implementation with automated policy recommendations, scalability and improved interoperability.
They are simpler to manage overall and are able to secure more critical assets, leading to ransomware attacks and other rogue wear being blocked quicker. They can be used to protect critical applications, public-facing applications, domain controllers, endpoints, servers and business critical assets/data.
We did a recent survey of 1,300 security professionals, and over 70% believe only a Zero Trust approach offers them a proactive versus reactive approach to security.
Zero Trust vendors want to make segmentation as simple as possible for organisations, allowing them to migrate from traditional perimeter security, and towards protection that wraps around their critical applications and data stores instead.
The Zero Trust journey is not an easy one. We want to make it incredibly easy for security professionals to identify, tag and group assets, and define/enforce policies across tens of thousands of servers, VMs (virtual machines) or workstations, and across a broad range of operating systems and cloud platforms.
The roadmap towards building a successful Zero Trust approach involves Zero Trust Network Access and software-based network segmentation. The good news for organisations currently struggling under the weight of cyber-attacks, is that both are available from one-stop-shop suppliers that are already building a niche in the fast growing Zero Trust architecture market.