TECH INTELLIGENCE: Winning the unfair fight

Why businesses should never trust and always verify

Carl Mazzanti//June 19, 2023//

Cybersecurity

PHOTO: PIXABAY

Cybersecurity

PHOTO: PIXABAY

TECH INTELLIGENCE: Winning the unfair fight

Why businesses should never trust and always verify

Carl Mazzanti//June 19, 2023//

Listen to this article

Cybercriminals are relentless, and the battle against them never ends. In 2022 alone, ransomware and other scams drove some $10.3 billion of cybercrime losses, according to the FBI; and many of the attacks are targeting small and medium-sized businesses. Like the schoolyard bully who picks on smaller, seemingly defenseless victims, it is an unfair fight — and there is no way for businesses to avoid it.

But businesses do have a shot at winning the conflict. To come out on top, though, business owners need to modify their defenses and adopt a zero-trust policy. For decades, cybersecurity consultants have focused on “perimeter security strategies,” or the use of firewalls and other network-based tools to inspect and verify user traffic exiting and entering a network. However, digital transformation and the move to hybrid cloud infrastructure have changed the way industries do business, and relying on a network perimeter is no longer sufficient.

Zero trust, in contrast, assumes a network’s security is always at risk from both external and internal threats. It is a recognition that the rise of hybrid and remote work means individuals are connecting with home computers that are beyond the control of IT departments and users – with data and resources spread across the globe – making it difficult to connect them quickly and securely. This new model of work, where employees and others lack a traditional on-premises IT security infrastructure, places businesses at risk. It is like guerilla warfare — with entrepreneurs assembling their traditional cyber defensive forces while someone on the other side sends in a drone.

The need for a zero-trust framework was dramatically illustrated in 2020, during the SolarWinds breach. That crisis was sparked when a doctored update with a backdoor Trojan Horse virus, designed to steal sensitive user data, was digitally delivered to some 18,000 customers served by SolarWinds, an IT management software company whose clients include government agencies and Fortune 500 companies. Although the breach – believed to have been developed and staged by a nation-state actor – was discovered and remediated in a timely manner, the alarming incident highlighted the ongoing threat of such attack vectors and the need for zero-trust defenses.

The bedrock of a zero-trust framework is a “never trust and always verify” approach that adds security around every user, device and connection across every transaction, under the assumption that every connection and endpoint constitutes a threat. A successful zero-trust framework will add layers of protection against external and internal threats, in part by logging and inspecting all corporate network traffic, limiting and controlling access to the network, and verifying and securing network resources.

Under this model, data and resources are inaccessible by default — users can only access them on a limited basis under authorized circumstances. Commonly termed “least-privilege access,” a zero-trust security approach will verify and authorize every connection, ensuring that every interaction meets specific requirements of the organization’s security policies and granting appropriate user access on a just-in-time and just-enough basis, utilizing risk-based adaptive policies and data protection to help secure both data and productivity.

A comprehensive zero-trust security strategy will also authenticate and authorize every device, network flow, and connection. When sensitive data is recognized, labeled, and classified, an organization can enforce policies to block or remove data from being shared, and security and governance teams can track and monitor sensitive data using corporate policies as the data moves inside and outside of the organization.

A knowledgeable IT support services provider can review an organization’s data and cybersecurity environment and suggest ways to implement an appropriate zero-trust solution. But users must also make an organization-wide commitment to zero trust, taking such steps as cataloging all IT and data assets, and assigning access rights based upon roles; implementing and maintaining a data-centric approach, including creating an inventory of sensitive data housed by an organization, and cataloging its locations.

Carl Mazzanti
Mazzanti

Businesses that deploy a zero-trust framework will not only bolster their defenses but can also gain insights across their business, while enforcing security in a more efficient manner, consistently detecting, and responding to threats faster and in a precise way. The fight against hackers and other bad actors may be unfair, but companies that take the right steps to prepare can still come out on top.

Carl Mazzanti is president of eMazzanti Technologies in Hoboken.