Intelligent CIO APAC Issue 25 - Page 34

A new security model is needed to effectively secure this new attack surface .

The COVID-19 pandemic has been a catalyst for the Digital Transformation of companies across all industries and established the value of the cloud . With lockdowns creating a remote workforce and changing how consumers shop , the scalability and Business Continuity of the cloud has allowed for a quick and seamless transition .

This increase in remote access and online presence of businesses significantly expanded the size of the attack surface . Akamai recorded over five billion web attacks in a single quarter , two billion more than the previous quarter .
The shift from an on-prem to a hybrid or multi-cloud architecture and the rise of cloud-native application workloads shows that the traditional enterprise and cloud data center security perimeter defenses are no longer enough .
Adopt a Zero Trust security approach
A new security model is needed to effectively secure this new attack surface . Zero Trust changes security from ‘ Trust and verify ’ to ‘ Never trust and always verify ’. Every user , device and application are now potential threats .
The Zero Trust is a framework that uses different technologies to ensure network trust and thwart malicious attacks . It provides secure access to
applications and reduces complexity .
Below are five steps organizations can take towards adopting a Zero Trust model :
1 . Know what Zero Trust means – Authenticate and authorize every person and device before any access and data transfer regardless of its location . This entails moving beyond passwords to multifactor authentication as well as verifying the device , its location and behavior .
2 . Identify what you need to protect – Visibility to all assets is essential and this includes a range of data from customer , employee , financial , application business process and intellectual property as well as data from IoT devices .
3 . Design your network from the inside out – Software defined micro-segmentation can quickly segment environments and applications to mitigate breaches and ransomware attacks .
4 . Log all traffic – Real-time analysis of traffic logs can help identify cyberattacks as the data that is collected can help create a feedback loop that makes your network stronger over time .
5 . Be in it for the long haul – Zero Trust is an ongoing journey . Start small and select one system to use as a test case while ensuring that you have all the controls , logging and monitoring in place . Once this is done successfully , move on to the next system .
34 INTELLIGENTCIO APAC www . intelligentcio . com