�

It ’ s safer to assume that anyone , even a trusted user with a heart of gold , can pose a security risk and design your cyberdefence strategy accordingly .

– bringing total global costs to more than US $ 1 trillion each year .

Taking data protection inside the perimeter with Zero Trust

In the era of public cloud , mobility and work-from-home , the notion of perimeter security has quickly become outdated .

It ’ s not just that the attack surface has changed ; organisations have also gained a new understanding of the identity of the potential attacker , including trusted insiders who don ’ t even realise that they ’ re abetting a crime .

It ’ s common to think of an internal threat actor as a disgruntled employee or spy undermining cybersecurity with ill intent , but it ’ s even more common for a well-meaning employee to inadvertently open the door to hackers through poor password hygiene , nonsecure practices or the ever-popular phishing lure .

While awareness and education can help lessen the risk of successful phishing and ransomware attacks , a single moment of inattention and carelessness can be enough to devastate the business .

It ’ s safer to assume that anyone , even a trusted user with a heart of gold , can pose a security risk and design your cyberdefence strategy accordingly . Hence the rise of Zero Trust – the notion that we shouldn ’ t trust anything or anyone , inside or outside the network , with access to our computer systems . In practice , this means measures such as :

• Moving beyond the idea of inside versus outside and redesigning cyberdefence in terms of secure micro-parameters , with multiple points of network defence

• Implementing the ability to control , inspect and restrict network traffic travelling in any direction – north-south or east-west – within your organisation

• Subjecting users to checks and balances , each time they cross into a different area of the network or try to access a new set of resources , to verify their need and privileges

• Ensuring timeliness and preventing excess privileges from accumulating by periodically revoking and refreshing access and credentials

• Continuously monitoring who ’ s accessing what and the level of risk these activities might present

34 www . intelligentciso . com

Intelligent CISO Issue 41 | Page 34

It ’ s safer to assume that anyone , even a trusted user with a heart of gold , can pose a security risk and design your cyberdefence strategy accordingly .

�

It ’ s safer to assume that anyone , even a trusted user with a heart of gold , can pose a security risk and design your cyberdefence strategy accordingly .