Thanks to the new pandemic-induced normal, the world of work has become increasingly defined by connectivity and digitalisation, and within this context, traditional ‘detect and prevent’ security solutions are no longer effective. Here, Tom McVey at Menlo Security discusses the importance of Zero Trust – what it means, why businesses should be considering it, and how it can be achieved with the use of isolation technology.
The modern day can be daunting for companies when it comes to cybersecurity.
Attacks are advancing in both volume and sophistication, with CyberEdge’s 2021 Cyberthreat Defense Report revealing that 86 per cent of organisations had suffered a successful cyber attack by the beginning of 2021 – up from the 62 per cent of organisations that were hit in 2014.
Indeed, much of this increase has stemmed from the outcomes and impacts of the COVID-19 pandemic, with the world of work in the new normal having become highly connected, and highly digitised.
Gartner asserts that the increasing adoption of cloud applications and a more mobile workforce have made the browser the most important productivity tool in the business. Yet, given the current threat landscape, this presents a real challenge.
Where companies are moving to the cloud and readily adopting SaaS solutions, they are beginning to experience attacks outside of the safety of their corporate network. Firms have moved from having an easily defensible, centralised perimeter to going directly to the Internet, bypassing network security and exposing a series of new vulnerabilities.
As digital footprints continue to expand, the risk of harm to companies, employees and customers is also ballooning. Unfortunately, however, much of the security industry continues to rely upon the same old outdated approach of ‘detect and prevent’.
Simply put, detect and prevent will never stop 100 per cent of threats as there will always be false negatives in a system that ultimately works by making educated guesses.
Verizon reveals that in 2018 there were 41,686 reported security incidents and 2,013 confirmed cybersecurity breaches, with 68 per cent of these taking months or even longer to detect.
This is worrying. It shines a spotlight on the fact that the two primary defence methods used by companies today – blocking an attack, and then detecting a breach once it has occurred – are failing and struggling to keep up with attackers’ level of sophistication.
Enter Zero Trust
It is clear that current approaches are simply not equipped to deal with modern threats, and that for many organisations a rethink is required to be properly protected in today’s environment.
So, what is the solution? Where can enterprises turn in their hour of need?
Regarded as one of the best ways that safe email and web access can be achieved, Zero Trust is a principle that allows IT and security teams to overcome the ingenuity of even the most malicious hackers and attackers.
Traditional security models operate on the outdated assumption that everything inside an organisation’s network should be trusted. Under this broken trust model, it is assumed that a user’s identity is not compromised and that all users act responsibly and can be trusted.
Indeed, many of the most damaging cyberattacks of the past 12 months, such as the SolarWinds breach, were allowed to happen because of the simple fact that once hackers gained access inside corporate firewalls, they were then able to move laterally through internal systems, access and exfiltrate data, elevate privileges and, importantly, do so without any meaningful resistance.
Zero Trust addresses this issue, leading the shift away from legacy ‘castle and moat’ solutions and removing many of the issues associated with detection-based security technologies.
It takes a default ‘deny’ approach to security that is rooted in the principle of continual verification. It recognises trust as a vulnerability and therefore commands that all traffic – including emails, websites, videos, or other documents that originate from either inside or outside an organisation – should be verified.
Indeed, three key principles are typical of Zero Trust.
- First is the idea of verification as previously discussed, entailing the continuous authentication of all available data points.
- Second, companies must work to incorporate a policy of ‘least privilege’, limiting user access to just the specific applications and areas of a company network that they need to do their job effectively. Indeed, this does not just secure data, but it also helps to enhance productivity.
- Third, an organisation must always assume that a breach is imminent. In doing so, security becomes a priority in all of its decision-making, and can be continually bolstered with the use of other tactics.
Achieving Zero Trust with isolation
One way in which Zero Trust can be achieved in the truest sense is by using isolation technology.
Isolation is a completely new way of thinking about security with a Zero Trust-first mindset. It completely removes the opportunity for any attackers to gain a foothold in the working environment, quite literally barring malicious payloads from their target endpoints.
With isolation, the browsing process is moved from the desktop to the cloud, creating something of a digital ‘air gap’ between the Internet and the endpoint. All content is cleaned and safely rendered from the cloud browser so that when employees go to conduct typical daily tasks, such as interacting with emails and browsing the Internet, there is complete peace of mind.
All email and web traffic moves through this isolation layer, where the content is visible but never downloaded to the endpoint. At the same time, the user experience is identical to the one on the desktop with no impact on performance or interruption in workflow.
In this sense, isolation-based Zero Trust does not leave anything to chance. Unlike other ‘almost safe’ technologies, it can stop cyber attacks and threat actors in their path 100 per cent of the time.