Why every company needs to implement Zero Trust

Tom is a Solution Architect at Menlo Security for the EMEA region, a leader in cloud security. In this role, he works closely with customers to meet their technical requirements and architects web and email isolation deployments for organisations across different industries. Coming from a varied background in cyber, Tom provides expert cybersecurity advice and strategic guidance. Prior to Menlo Security, Tom worked for LogRhythm and Varonis.
Thanks to the new pandemic-induced normal, the world of work has become increasingly defined by connectivity and digitalisation, and within this context, traditional ‘detect and prevent’ security solutions are no longer effective. Here, Tom McVey at Menlo Security discusses the importance of Zero Trust – what it means, why businesses should be considering it, and how it can be achieved with the use of isolation technology.

The modern day can be daunting for companies when it comes to cybersecurity.

Attacks are advancing in both volume and sophistication. CyberEdge’s 2021 Cyberthreat Defense Report reveals that 86 per cent of organisations had suffered a successful cyber attack by the beginning of 2021, up from the 62 per cent of organisations that were hit in 2014.

Indeed, much of this increase has stemmed from the outcomes and impacts of the COVID-19 pandemic, with the world of work in the new normal having become highly connected, and highly digitised. 

Gartner asserts that the increasing adoption of cloud applications and a more mobile workforce have made the browser the most important productivity tool in the business. Yet, given the current threat landscape, this presents a real challenge.

Where companies are moving to the cloud and readily adopting SaaS solutions, they are beginning to experience attacks outside of the safety of their corporate network. Firms have moved from having an easily defensible, centralised perimeter to going directly to the Internet, bypassing network security and exposing a series of new vulnerabilities.

As digital footprints continue to expand, the risk of harm to companies, employees and customers is also ballooning. Unfortunately, however, much of the security industry continues to rely upon the same old outdated approach of ‘detect and prevent’.

Simply put, detect and prevent will never stop 100 per cent of threats as there will always be false negatives in a system that ultimately works by making educated guesses. 

Verizon reveals that in 2018 there were 41,686 reported security incidents and 2,013 confirmed cybersecurity breaches, with 68 per cent of these taking months or even longer to detect. 

This is worrying. It shines a spotlight on the fact that the two primary defence methods used by companies today – blocking an attack, and then detecting a breach once it has occurred – are failing and struggling to keep up with attackers’ level of sophistication. 

Enter Zero Trust

It is clear that current approaches are simply not equipped to deal with modern threats, and that for many organisations a rethink is required to be properly protected in today’s environment.

So, what is the solution? Where can enterprises turn in their hour of need?

Regarded as one of the best ways that safe email and web access can be achieved, Zero Trust is a principle that allows IT and security teams to overcome the ingenuity of even the most malicious hackers and attackers.

Traditional security models operate on the outdated assumption that everything inside an organisation’s network should be trusted. Under this broken trust model, it is assumed that a user’s identity is not compromised and that all users act responsibly and can be trusted.

Indeed, many of the most damaging cyberattacks of the past 12 months, such as the SolarWinds breach, were allowed to happen because of the simple fact that once hackers gained access inside corporate firewalls, they were able to move laterally through internal systems, access and exfiltrate data, and elevate privileges, importantly, without any meaningful resistance.

Zero Trust addresses this issue, leading the shift away from legacy ‘castle and moat’ solutions and removing many of the issues associated with detection-based security technologies. 

It takes a default ‘deny’ approach to security that is rooted in the principle of continual verification. It recognises trust as a vulnerability and therefore commands that all traffic – including emails, websites, videos, or other documents that originate from either inside or outside an organisation – should be verified.

Indeed, three key principles are typical of Zero Trust.

  • First is the idea of verification as previously discussed, entailing the continuous authentication of all available data points. 
  • Second, companies must work to incorporate a policy of ‘least privilege’, limiting user access to just the specific applications and areas of a company network that they need to do their job effectively. Indeed, this does not just secure data, but it also helps to enhance productivity.
  • Third, an organisation must always assume that a breach is imminent. In doing so, security becomes a priority in all of its decision-making, and can be continually bolstered with the use of other tactics.

Achieving Zero Trust with isolation

One way in which Zero Trust can be achieved in the truest sense is using isolation technology.

Isolation is a completely new way of thinking about security with a Zero Trust-first mindset. It completely removes the opportunity for any attackers to gain a foothold in the working environment, quite literally barring malicious payloads from their target endpoints.

With isolation, the browsing process is moved from the desktop to the cloud, creating something of a digital ‘air gap’ between the Internet and the endpoint. All content is cleaned and safely rendered from the cloud browser so that when employees go to conduct typical daily tasks, such as interacting with emails and browsing the Internet, there is complete peace of mind. 

All email and web traffic moves through this isolation layer, where the content is visible but never downloaded to the endpoint. At the same time, the user experience is identical to the one on the desktop with no impact on performance or interruption in workflow. 

In this sense, isolation-based Zero Trust does not leave anything to chance. Unlike other ‘almost safe’ technologies, it can stop cyber attacks and threat actors in their path 100 per cent of the time.
