Lynton Lubbe, CS and NGS Business Practice Lead, Westcon-Comstor Sub-Saharan Africa, on Zero Trust and why building a comprehensive security posture is more than just the network.
Given the normalisation of a distributed work environment, organisations have had to rethink their approach to cybersecurity. Dealing with an exponential increase in network complexity, managing the myriad of endpoints accessing the back end regardless of geographic location and maintaining a level of compliance while keeping the business operations have exacerbated an ever-expanding cyberthreat landscape. Simply put, an effective security strategy is no longer just about safeguarding the network.
The past year has seen many companies rapidly embracing the cloud as an enabler for the ‘new normal.’ Not only are information workers now reliant on the cloud to access the applications, processes and data required for their daily work, but DevOps and engineering teams must now scale across a multitude of services, cloud providers and hybrid architectures. While interventions like VPNs, static segmentation, IP whitelisting and key management are all useful, they can no longer be relied upon for securing the business. This requires a fundamentally different way to manage cybersecurity and moves it beyond the physical infrastructure into one driven by evolving technologies, many of which are software-based.
This is where Zero Trust becomes the foundation on which a new cybersecurity environment must be built. It centres on preventing data breaches by not trusting anyone inside or outside the organisation’s network infrastructure. In fact, network connectivity is denied to all users, machines and applications until they are explicitly verified.
Zero Trust also mitigates the growing challenge of a lack of security skills at an organisation. Many companies do not have the in-house resources to effectively manage a growing portfolio of applications across an ever-expanding attack surface. Therefore, combining simplicity with automated (and Machine Learning-enabled) defences is critically important to protect businesses and help them keep their focus on their strategic priorities.
Automation can no longer be considered a nice-to-have when it comes to cybersecurity. Today, most security breaches occur due to overly permissive rules, inadvertent access, known but unpatched vulnerabilities, firewall misconfigurations and even shadowed rules that result in policy contradictions and risk.
Companies can use automation to templatise changes, thereby passing on many of the tasks that could potentially result in misconfigurations or human error. The rate of attacks means that security cannot afford any roadblocks. An automated approach removes this and helps deliver increased agility. Automation, therefore, gives the business the ability to manage change rapidly, consistently and flawlessly whether it needs to happen on network infrastructure, at the Edge or on user endpoint devices when access cloud systems remotely.
Furthermore, automation brings with it the visibility and scalability required to adapt to any cyberthreat, both known and unknown. Injecting this level of sophistication into an organisational environment will be the differentiator between those companies that can safeguard their assets and those that will always remain prone to compromise.
Approach in layers
In summary, there is just no one-size-fits-all approach to securing your network. The adage that security needs to be approached in layers is today truer than ever before because cybercriminals are not just sophisticated with their tooling but down right ruthless in their approach. With multi-factor authentication, a Zero-Trust process and automation on your side, you can start to narrow the attack surface. This is ultimately precisely what is needed – a smaller surface area leaves less room for cybercriminals to navigate through.Click below to share this article