How A “Zero Trust” Approach Has Become Essential To Cybersecurity

zero trust cybersecurity
With the number of threats facing modern businesses, now more numerous and sophisticated than ever, it’s time that we change how we approach security — and the “zero trust” model is a good foundation.

Security Breaches Around The World

Yahoo. Equifax. The Department of Homeland Security. Uber. Heathrow International Airport. NHS.

The one thing all of these organizations have in common is that they have all suffered a data breach or security incident of some kind, either through employee negligence or through the machinations of a bad actor. It’s an unfortunate reality of doing business in today’s world — and it’s one that requires a new approach to cybersecurity to address.

Zero Trust Security

“Zero trust” is arguably a critical foundation of that approach. Devised by former Principal Forrester Analyst John Kingervag, “zero trust” is a security concept founded on the belief that nothing can be trusted. Regardless of whether network traffic originates inside an organization’s security perimeter or on the outside, it must be verified before it’s given access to anything.

However, most organizations and their IT department are still stuck with their old way of thinking — with what CSO Online terms the ‘castle and moat’ mentality. This approach to network security sees an organization focused entirely on keeping intruders out of their security perimeter, without much thought as to what exists beyond, or within.

The reason that’s a problem is twofold. First, traditional security perimeters don’t exist anymore. Not as we remember them at least.

People can now access and work with critical files from virtually anywhere. What’s more, vendors, contractors, and business partners all over the world have access to corporate data. Not all of them take cybersecurity as seriously as they should, and if you’re stuck with a traditional cybersecurity model, you’re essentially playing with fire.

Mind you, that has less to do with “zero trust” than the second issue. Namely, if your systems are configured to automatically trust all internal traffic, all a hacker needs to do is gain access to those systems. From there, they’ve free reign to do whatever they please.

How To Implement A Zero Trust Security Approach?

virtual files

So how exactly do you implement a “zero trust” approach to your infrastructure without alienating your staff and making their jobs impossible to do?

  • Understand your data. Know what data you need to protect, where it’s located, who has access to it, and who needs access to it. Know how that data moves and flows through your network, and how it moves into and out of your security perimeter.
  • Look at how your network functions. How do transactions flow across your network? How well do you monitor network traffic, and what rules do you have in place for when an application or user encounters something unexpected?
  • Enforce the Zero Trust mentality. You need to enforce the idea that no one and nothing should be given access to sensitive data unless they can be authenticated. You need to make this part of your corporate culture, especially in IT, where most professionals trust their internal environments implicitly.
  • Ditch the legacy architecture. With few exceptions, old infrastructure is not well-suited for “zero trust” — that’s because for this approach to actually work, its systems generally need to be built from the ground-up rather than retrofitted.

We face more cybersecurity threats than at any other point in history. We need to be ready to tackle them. A “zero trust” approach to networks and systems is a good first step, and now you know how to begin to incorporate it.

 


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Cloudbric.
Comments
  • An increased incidence of uterine malignancies endometrial adenocarcinoma and uterine sarcoma, including fatal cases, has been reported with tamoxifen treatment buy cialis generic online cheap influenzae are the most common organisms isolated from sinus aspiration in patients with ABRS

  • Star Sports is the official broadcaster of the ICC T20 World Cup 2022 in India. Hence, Star Sports channels will broadcast all the matches of the tournament in India. The live streaming will be available on Disney+ Hoststar, where fans with subscriptions can enjoy the matches. India vs England, 2nd Test, Day 1 live score: India 86/0 after 29 overs. Pacers have been pretty much ineffective for England so far, however, Mark Wood with his pace have troubled both KL Rahul and Rohit Sharma here and there. So, Joe Root introduced the only recognised spinner in his squad, Moeen Ali and he bowled a maiden first over and almost, almost got KL Rahul’s wicket in the last delivery. Kumar opens the bowling for India, first delivery swinging a lot but being given as a wide nonetheless. India vs England teams at play
    https://kyleriqyl210087.diowebhost.com/69538171/www-bbc-football-results
    The team who will win this Match will be able to make their place for finals, PAK vs NZ Live Score details will be available on this web page with the beginning of the Match. 2nd Semifinals will be played on November 10, 2022 between India and England on Adelaide Oval Cricket Ground. Day 4: Rain – New Zealand A – 39/2 (12.5), trail by 190 runs, Mark Chapman 0(2), Rachin Ravindra 14(31) Network18 sites Ind vs NZ Live Score 10th July, India vs New Zealand LIVE Score, World Cup Semi-Final 2019 @7:25pm: Dhoni and Jadeja’s brilliant innings go in vain, New Zealand win by 18 runs and the previously formidable India’s journey comes to an end in World Cup 2019. With this win, New Zealand progress to their second successive World Cup final. Indian Express argues for Mohammad Haris to open, Babar Azam to bat at No 3 and and Mohammad Nzwaz to start the proceedings for Pakistan with the ball for their semi-final match against New Zealand in Adelaide. (READ MORE)

Leave a Reply

Your email address will not be published.