Page 162 - Cyber Defense eMagazine January 2023
P. 162

Why You Can't Have True Zero Trust Without API

            Security

            By Richard Bird, Chief Security Officer, Traceable




            Global adoption of Zero Trust security models is soaring and with good reason. Due to organizations’
            embrace of digital business models and enablement of hybrid workforces, more users and devices are
            accessing  organizations’  networks  than  ever  before.  A  Cloud  Security  Alliance  survey  finds  that  94
            percent  of  organizations  are  implementing  Zero  Trust  strategies,  and  77  percent  will  increase  their
            spending on Zero Trust over the next 12 months. President Biden’s Executive Order on Cyber Security,
            issued in May 2021, has also given this security model a public boost. The order requires federal agencies
            to develop and implement Zero Trust architectures at pace.
            The concept of Zero Trust was popularized by Forrester analyst John Kindervag in 2010. Organizations
            that embrace Zero Trust “never trust, always verify.” That means continuously validating every user and
            device accept attempt and enforcing the principle of least privilege granted to right-size user privileges to
            the job at hand. As a result, Zero Trust has historically been focused on improving network access and
            identity access management security.
            So  far,  so  good.  Yet,  the  reality  is  that  distributed  networks  are  growing  exponentially.  In  addition,
            organizations are tilting from running monolithic business applications to using myriad microservices to
            create and deploy new applications. Organizations then use application programming interfaces (APIs)
            to  connect  clients  to  servers;  send  and  receive  sensitive  data;  and  execute  increasingly  complex
            interdependent business processes.




            Cyber Defense eMagazine – January 2023 Edition                                                                                                                                                                                                       162
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   157   158   159   160   161   162   163   164   165   166   167