Aligning Zero Trust with the Essential Eight
The recent spate of cyberattacks against Australian organisations has caused many to reconsider their cybersecurity strategies and enhance their Zero Trust models . Amritha Saravanan , IT Security Evangelist ,
ManageEngine , discusses the importance of Zero Trust and how it aligns with the Australian Cyber Security Centre ( ACSC )’ s Essential
Eight Maturity Model . he COVID-19
T pandemic has stimulated a major Digital Transformation , but security is yet to catch up . Hybrid work has become the norm and multi-cloud footprints have rapidly expanded .
Not only are people working from wherever they choose , but organisations are also accessing more of their data from the cloud . This environment makes it critical for organisations to adopt Zero Trust for cybersecurity .
What is Zero Trust ?
Zero Trust is a philosophy , not a product or technology . The core principle of Zero Trust is ‘ never trust , always verify ’.
No matter the device , user , network , or location ( whether inside or outside the walls of an organisation ), trust should not be explicitly given to any identity .
Principles like least privilege access , micro segmentation of networks with different credentials , data usage control and continuous validation in real time can help organisations mitigate inevitable intrusions into networks .
Zero Trust has emerged as the answer to contemporary security challenges posed by the widespread uptake of mobile and cloud technologies .
According to TeleGeography ’ s WAN Managers Survey , 35 % of WAN managers implemented practices of Zero Trust security in 2021 , showing an increase of 8 % from 2019 . While it seems there has been an uptake , more widespread adoption is necessary as the threats increase in volume and complexity .
Implementing Zero Trust into a cybersecurity strategy will make it much harder for adversaries to compromise systems . However , there ’ s more that can be done .
What are the Essential Eight ?
Due to the growing number of cyberattacks and the increasing threat www . intelligentciso . com