Intelligent CISO Issue 58 | Page 46

industry unlocked
New regulations and industry standards are aimed at shifting the cybersecurity paradigm – away from the old mantra of ‘trust but verify’ and towards a Zero Trust approach, whereby access to applications and data is denied by default. Threat prevention is achieved by granting access to networks and workloads only under a policy informed by continuous, contextual, risk-based verification of users and their associated devices.
There are many starting points on the path to Zero Trust. However, one driving principle for deciding the priority of implementation should be the knowledge that the easiest way for cyberattackers to gain access to sensitive data is by compromising a user’s identity. In fact, 80% of security breaches involve privileged credentials, according to Forrester Research. Furthermore, post-mortem analysis has repeatedly found that compromised credentials are subsequently used to establish a beachhead on an end-user endpoint (e.g., desktop, laptop or mobile device), which typically serves as the main point of access to an enterprise network. A recent Ponemon Institute survey revealed that 68% of organisations suffered a successful endpoint attack within the last 12 months.
To limit an organisation’s cyber-risk exposure to tactics, techniques and procedures that target an organisation’s weakest link – the anywhere workforce – consider the following best practices:
• Maintain a trusted connection with endpoints to detect unsafe behaviours or conditions that could put sensitive data at risk. This includes maintaining granular visibility and control over endpoint hardware, operating systems, applications and data gathered on the device, and implementing self-healing capabilities for the device, mission-critical security controls and productivity applications.
• Ensure that endpoint misconfigurations are automatically repaired when possible, as organisations cannot assume that the health of the IT controls or security tools installed on their employees’ endpoints will remain stable over time.
• Monitor network connectivity status, security posture and potential threat exposure to enforce acceptable use via dynamic web filtering.
• Enforce dynamic, contextual network access policies to grant access for people, devices or applications. This entails analysing device posture, application health, network connection security and user activity, and then enforcing pre-defined policies at the endpoint rather than via a centralised proxy.
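The four practices above describe one decision loop: gather device posture and session context, score the risk, apply a deny-by-default policy, and hand any repairable misconfiguration back to the endpoint agent for self-healing. The following Python is an added illustration of that loop and is not code from the article or any vendor; the posture signals, risk weights, resource risk budgets, remediation strings and the sample devices are all constructed assumptions.

```python
"""Deny-by-default, context-aware access decision for an endpoint.

Added illustration (not from the article). Every signal, weight, threshold
and sample value below is a constructed assumption.
"""
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional, Tuple


class Decision(Enum):
    DENY = "deny"
    STEP_UP = "step-up"   # allow only after fresh verification (e.g. new MFA)
    ALLOW = "allow"


@dataclass(frozen=True)
class DevicePosture:
    disk_encrypted: bool
    edr_running: bool
    os_patch_age_days: int
    screen_lock_enabled: bool


@dataclass(frozen=True)
class SessionContext:
    mfa_age_minutes: Optional[int]   # None = no MFA in this session
    on_trusted_network: bool
    new_geolocation: bool


@dataclass(frozen=True)
class Finding:
    rule: str
    risk: int                        # risk points contributed to the score
    hard_fail: bool                  # True = deny regardless of score
    auto_remediation: Optional[str]  # action the endpoint agent can take itself


# Each rule inspects posture and context and returns a Finding or None.
def _no_edr(p, c):
    return None if p.edr_running else Finding("edr_running", 0, True, "restart EDR agent service")

def _unencrypted(p, c):
    return None if p.disk_encrypted else Finding("disk_encrypted", 0, True, None)

def _stale_patches(p, c):
    return Finding("os_patch_age", 30, False, "trigger patch cycle") if p.os_patch_age_days > 30 else None

def _no_screen_lock(p, c):
    return None if p.screen_lock_enabled else Finding("screen_lock", 10, False, "re-apply screen-lock policy")

def _weak_session(p, c):
    if c.mfa_age_minutes is None:
        return Finding("mfa_missing", 40, False, None)
    return Finding("mfa_stale", 20, False, None) if c.mfa_age_minutes > 480 else None

def _untrusted_network(p, c):
    return None if c.on_trusted_network else Finding("untrusted_network", 15, False, None)

def _geo_anomaly(p, c):
    return Finding("new_geolocation", 25, False, None) if c.new_geolocation else None

RULES = [_no_edr, _unencrypted, _stale_patches, _no_screen_lock,
         _weak_session, _untrusted_network, _geo_anomaly]

# Maximum tolerated risk score per resource (constructed). A resource absent
# from this table has no budget, which the evaluator treats as deny.
RESOURCE_RISK_BUDGET = {"wiki": 60, "hr-records": 25, "prod-admin": 0}
SESSION_RULES = ("mfa_missing", "mfa_stale")   # fixable by the user right now


def evaluate(resource: str, posture: DevicePosture, ctx: SessionContext
             ) -> Tuple[Decision, int, List[Finding]]:
    """Return (decision, risk score, findings) for one access request."""
    findings = [f for f in (rule(posture, ctx) for rule in RULES) if f is not None]
    score = sum(f.risk for f in findings)
    if resource not in RESOURCE_RISK_BUDGET:
        return Decision.DENY, score, findings       # unknown resource: default deny
    if any(f.hard_fail for f in findings):
        return Decision.DENY, score, findings       # a critical control is missing
    budget = RESOURCE_RISK_BUDGET[resource]
    if score <= budget:
        return Decision.ALLOW, score, findings
    # Over budget only because of session signals, not device defects:
    # ask for step-up verification instead of a flat deny.
    device_risk = sum(f.risk for f in findings if f.rule not in SESSION_RULES)
    if device_risk <= budget:
        return Decision.STEP_UP, score, findings
    return Decision.DENY, score, findings


def remediations(findings: List[Finding]) -> List[str]:
    """Actions the endpoint agent can apply on its own (self-healing)."""
    return [f.auto_remediation for f in findings if f.auto_remediation]


if __name__ == "__main__":
    # Constructed samples: a healthy laptop in the office, and a drifted one
    # (EDR stopped, patches stale, no screen lock) connecting from a hotel.
    healthy = DevicePosture(True, True, 5, True)
    office = SessionContext(mfa_age_minutes=30, on_trusted_network=True, new_geolocation=False)
    drifted = DevicePosture(True, False, 45, False)
    hotel = SessionContext(mfa_age_minutes=None, on_trusted_network=False, new_geolocation=True)
    for res in ("wiki", "hr-records", "prod-admin", "legacy-app"):
        d, s, _ = evaluate(res, healthy, office)
        print(f"{res:11} healthy/office -> {d.value} (risk {s})")
        d, s, f = evaluate(res, drifted, hotel)
        print(f"{res:11} drifted/hotel  -> {d.value} (risk {s}) self-heal: {remediations(f)}")
```

Two design points match the article's emphasis. The evaluator denies when the resource has no policy entry at all, so a new application is closed until someone writes a rule for it, and it separates device defects from session weaknesses: a user on a clean device who simply lacks fresh MFA gets a step-up prompt, while a device with a stopped EDR agent is denied and the agent is handed the repair actions, which is the self-healing behaviour the second bullet describes.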
Another point to keep in mind is that resilient Zero Trust is better than Zero Trust alone. The Zero Trust technology an organisation deploys, and the range of threats to which those tools are themselves susceptible, varies with the context in which cyber-resilience is sought.
What can other sectors learn from these attacks?
It’s no longer a matter of ‘if’ but ‘when’ an organisation will suffer a data breach. This means that instead of focusing efforts primarily on keeping threat actors out of the network, it’s equally important to develop a strategy to reduce the impact when they get in. In turn, many organisations have started adopting a new strategy to cope with today’s increased cyberthreats, which is called cyber-resilience.
Cybersecurity applies technology, processes and measures that are designed to protect systems (e.g., servers, endpoints, networks and data) from cyberattacks. In contrast, cyber-resilience focuses on detective and reactive controls in an organisation’s IT environment to assess gaps and drive enhancements to the overall security posture. Most cyber-resilience initiatives leverage or enhance a variety of cybersecurity measures. Both are most effective when applied in concert.
46 www.intelligentciso.com