Page 229 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 229

The solution is Zero Trust

            Organizations worldwide are embracing digital transformation to ensure business continuity, and most
            times,  security  is  neglected.  Cybercrime  is  now  highly  organized,  and  bad  actors  are  sophisticated
            enough to deploy APTs and move laterally within an organization's network. Traditional approaches are
            failing  to  protect  organizations  in  the  new  normal  of  remote  work  and  industry-wide  cloud
            adoption.  Securing  modern  enterprises  from  today's  threat  landscape,  which  aligns  with  the  cloud
            environment, requires a shared responsibility model.



            A Zero Trust model can fulfil this cybersecurity need by deploying security controls that assume that the
            network is already compromised. Legacy' network perimeter security and visibility solutions that keep
            attackers out are no longer practical or robust enough. The concept of implicit trust is no longer effective
            while depending on basic IAM solutions, is no longer practical. Zero Trust employs the least-privilege
            principle  and  strong  authentication  methods  to  enforce  access  controls  and  enhance  the  network's
            granular visibility.




            A well-executed Zero Trust strategy is based on the principle of access, limit and monitoring. By enabling
            organizations to precisely manage identities and monitor user activity, especially those with elevated
            privileges, Zero Trust can act as the overarching system of organization's security framework.



            With IoT  devices  eavesdropping and Wi-Fi  router  not  being  configured to  WPA-2 , remote  workforce
            brings significant cyber risks. Productivity and security of employees working remotely can no longer be
            ensured — or controlled. Enterprise-owned devices are traditionally managed, patched, and kept up to
            date with security tools and policies. Even if Zero Trust security can't force employees working at home
            to maintain basic cyber-hygiene, it can prevent a security breach because it fundamentally enforces
            access controls at every segment within the network.



            The  only  solution  to  this  complex  cyber  threat  landscape  is  the  new-generation  Zero  Trust  security
            framework,  which  offers  granular  visibility  and  continuous  monitoring  of  the  network.  Moreover,  it
            establishes trust that is dynamic and contextual risk-based, and grants access requests only if certain
            access policy parameters are met.



            Gartner's CARTA takes Zero Trust further by introducing continuous adaptation beyond the basic allow
            or deny models to provide contextually relevant access. With context as king, CARTA's additional security
            measures reduce breach risk and improve containment if a hacker gains access to the network.









                                                                                                            229
   224   225   226   227   228   229   230   231   232   233   234