Zero Trust Cybersecurity Protocols Slow Companies to "Mask Up"

 


According to Ernest Hemingway, there is only one way to find out if you can trust someone, and that is by trusting them. Most organizations follow zero trust policies, which were developed nearly two decades ago by John Kindervag, and these policies are now the default behavior. Hemingway's advice is not wise for network security. As a result, we have seen an increase in the number of cases of infection due to the Coronavirus pandemic and remote work.

Despite this, companies are a bit slow to adopt zero trust when it comes to protecting against malware and data exfiltration. By 2026, Gartner has predicted that only 10% of large enterprises will have in place a zero-trust program that is mature and measurable by the end of this decade.

Currently, less than 1% of organizations have automated their systems with zero trust, according to a consulting firm. It was reported that although zero trust is a critical strategy for reducing risk for most organizations, few had implemented it.

The end of Implicit Trust is Here 

In his latest commentary for Gartner's VP Analyst Series, John Watts, VP Analyst at Gartner, said that many organizations have established their infrastructures with implicit rather than explicit trust models to facilitate access and operation for workers and workloads. 

Watts added that in the context of zero trust, the main risk that many companies face is the possible use of implicit trust by attackers. This can give them a competitive advantage over customers. In addition, damage can be limited by segmenting access to a network, which lessens the impact an attack has on resources and systems.

When spyware or other malware is introduced into an environment through a vendor's software installed within it, the damage caused can be limited to a small segment of trusted applications within the environment.

Implicit trust refers to authorizing devices, workloads, and accounts on the basis of limited factors. This includes requests originating from a local IP address behind a perimeter firewall.

Explicit trust means that devices, workloads, and accounts must be authenticated and authorized for access in a way that takes into account more context (e.g., location, time, posture, successful multi-factor authentication), Watts explained.

The Engine Should Have (or not have) a Zero-Trust Policy. 

A zero-trust framework, including zero-trust software, under which zero-trust operations can be implemented, should be able to do the following: 

  • Identify and prevent exploits and scan attacks against the services and applications created for extended workforces.
  • Limit access to specific network resources, as an alternative to allowing open connections on a network, to prevent malware from moving laterally.
  • Control access through an access management “engine” based on risk and trust.

These engines use analytics built on things such as account activity, the identity strength of the user, device attributes, and several other parameters to calculate a risk score in near real-time from real-time data. A risk score higher than a certain threshold could trigger an action such as isolating a device, enabling a second factor of authentication, or suspending a user's account, depending on the level of risk.
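The contrast between implicit and explicit trust described earlier, and the risk engine described above, can be sketched as follows. This is an added example, not code from the article or from Gartner; the network range, field names, weights and thresholds are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed values: the network range, weights and thresholds are constructed.
INTERNAL_NET = ip_network("10.0.0.0/8")

@dataclass
class AccessRequest:
    source_ip: str
    mfa_passed: bool              # identity strength
    device_compliant: bool        # device posture
    usual_location: bool
    within_work_hours: bool
    failed_logins_last_hour: int  # account activity

def implicit_trust_allows(req: AccessRequest) -> bool:
    """Perimeter model: an internal source address is the only factor."""
    return ip_address(req.source_ip) in INTERNAL_NET

def risk_score(req: AccessRequest) -> int:
    """Explicit trust: score context only; the source address earns nothing."""
    score = 0 if req.mfa_passed else 35
    score += 0 if req.device_compliant else 30
    score += 0 if req.usual_location else 15
    score += 0 if req.within_work_hours else 5
    score += min(req.failed_logins_last_hour, 5) * 3  # capped at 15
    return score

def decide(req: AccessRequest) -> str:
    """Map the score to the graded actions named in the text."""
    score = risk_score(req)
    if score >= 80:
        return "suspend_account"
    if score >= 50:
        return "isolate_device"
    if score >= 25:
        return "require_second_factor"
    return "allow"

# Constructed sample requests.
INTERNAL_UNVERIFIED = AccessRequest("10.2.3.4", False, False, True, False, 4)
REMOTE_VERIFIED = AccessRequest("203.0.113.7", True, True, True, True, 0)

if __name__ == "__main__":
    for req in (INTERNAL_UNVERIFIED, REMOTE_VERIFIED):
        print(req.source_ip, implicit_trust_allows(req), risk_score(req), decide(req))
```

The internal but unverified request passes the perimeter check yet scores high enough for account suspension, while the verified remote request fails the perimeter check yet is allowed by the contextual engine.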

Moveable firewalls 

Rather than implementing one large perimeter around resources like the traditional firewall model, zero trust implements many smaller perimeters. As Watts pointed out, zero trust is not the only method by which one can reduce risk. Scope is an important consideration: not everything can be controlled by a set of zero-trust procedures. In general, legacy systems, such as mainframes, are excluded from zero-trust architectures, as are public-facing applications used by citizens and consumers.

Sadly, Gartner analysts also warned that the majority of cyberattacks through 2026 will focus on areas not covered by zero trust controls, because these attacks cannot be mitigated by these controls. This problem has arisen due to API threats. Watts said that some threats could be encountered during zero trust implementation, such as insider attacks and account takeovers. He said that advanced analytics would help organizations mitigate these threats.

A Threat Stream of APIs: Islands of Danger

In addition, Gartner forecast earlier this month that by 2023, the total cost of computing around the globe will reach $4.5 trillion. This represents growth of 2.4% compared to 2022, though it is slightly lower than the 5.1% growth forecast for the previous quarter.

According to the firm, less consumer purchasing power and lower device spending will contribute to a continued rise in overall enterprise IT spending. This is even as inflation continues to erode consumer purchasing power.