Traditional security models have been challenged as millions across the world have transitioned to remote work models wherever possible. As the global workforce progresses towards the next normal of hybrid workplaces, organizations have adopted remote work as a new standard – but at what cost to security?
“Never trust, always verify” is the foundation of Zero Trust.
The rapid and meteoric rise in remote-based work has dramatically increased the exposure to cybersecurity threats, with more targeted attacks on organizations from cyber aggressors and nation-state groups. In addition to remote work, the increased rise in the use of Internet of Things (IoT), operational technology (OT), and network-enabled smart devices introduced new areas of potential compromise to enterprise networks. Every connected endpoint to an organization’s network is a potential hackable entry point for a cyber aggressor.
With economic activity straining, budgets decreasing, and capital expenditures shrinking, cybersecurity spend has come under pressure. Despite these pressures, a new 2020 Kaspersky report ‘Investment adjustment: aligning IT budgets with changing security priorities’, “cybersecurity remains a priority for investment among businesses.” Despite overall IT budgets decreasing, enterprise cybersecurity spend is up from 26% to 29% in 2020. In addition, according to this study, 71% of organizations expect their cybersecurity budgets to grow further in the next three years.
Zero Trust provides a scoped, scalable, agile and affordable framework to address the loss of a defined corporate perimeter and the increased security risk to corporate systems and sensitive data.
| STRATEGIC BENEFITS | EXECUTION BENEFITS |
|
|
What is Zero Trust? The Zero Trust model assumes a breach and verifies each access request as though it originates from an open network, regardless of user, resource, and origination point. This model presumes every data access request is fully authenticated, authorized, and encrypted before it is granted.
Zero Trust directly addresses the challenges of scope, scale and flexibility in a dynamically changing world. It reduces an organization’s risk footprint and attack surface by assuming any user, any device logging in from any location is a potential threat. It doesn’t increase trust, it eliminates it.
In the past, security tried to protect systems, applications, databases, and users behind a rigidly defined perimeter. With the loss of a definable perimeter, the next normal is to never trust but always verify to ensure appropriate and defined access to users and systems in an ever-changing world.
Author:
Laszlo S. Gonc, CISSP, First Senior Fellow, DivIHN Cybersecurity Center of Excellence
