Artificial Intelligence

Emerging threats in cybersecurity: The need to shift from traditional to zero trust model

As we look past the couple of months, India witnessed a rapid surge in cyberattacks and all of this taking place amidst several measures adopted by companies. As per data, nearly 1.6 million cases of cyberattacks were reported in 2020 and this is further expected to increase in 2021 especially in sectors like manufacturing, services, healthcare and education.

However, the recent attack on firms like Dominos India, Air India indicates that India is heading towards a big crisis. Domino’s India became a victim of a major data leak as more than 18 crore orders’ data has been put up on the dark web for sale as a searchable database. Air India too succumbed to such an attack on May 21st when more than 45 lack users data were compromised. Such dastardly attacks are mainly caused due to lack of investment in a proper IT infrastructure and establishing a safe and secure environment.

Such attacks will continue to occur, if businesses do not fast-track the adoption of next generation cyber defenses to protect against these attacks. But one good news is that companies have become more alert and are now recognizing cybersecurity as an imperative business priority that demands the attention of company leadership.

Martina Navratilova rightly says so – “Security used to be an inconvenience sometimes, but now it’s a necessity all the time.” This clearly indicates that no matter what security is of utmost importance at the moment, especially at a time when we move from reimagining a new normal to actually living it. That means right now each one of us is on a Zero Trust journey – whether we are aware of it or not.

Although no platform or approach can guarantee 100% breach protection, the Zero Trust approach to cybersecurity has emerged as a leading mantra in managing cyber risks. It improves an organization’s cyber-resilience: that is, how quickly and effectively you detect and respond to security incidents. Businesses need security that helps them confidently, knowledgably enforce security rules in an increasingly complex digital world. The shift from the “trust but verify” to the “never trust, always verify” security model is a necessary ingredient in cybersecurity and cyber-resilience. The legacy “castle and moat” approach to cyber defense is redundant for enterprises on the growth path with cloud-first initiatives.

A Zero Trust approach allows companies to accelerate digital transformation without compromising security posture. The underlying principle of Zero Trust is micro-segmentation. Micro-segmentation divides the network into isolated segments that can be monitored, making security granular. During a ransomware attack, hackers penetrate the network and stay undetected for months – moving laterally and extracting data over time.  Therefore, micro-segmentation becomes crucial during a ransomware attack as it blocks lateral movement, and creates secure zones that protect the most critical assets of an enterprise.

As we move deeper into 2021, the need for adopting Zero Trust is becoming stronger everyday. Infact some experts are now saying that the “Zero Trust” conversation has evolved from “What is it?” to “How do we achieve a Zero Trust architecture?”

How Zero Trust security empowers enterprises to upgrade their security?

  • Reduce the possibility of a data breach/ransomware attack through micro-segmentation and preventive security at the workload level
  • Visualize and secure the workloads in data centers and public clouds through dynamic, contextual, and application-centric micro-segmentation
  • Protect special-purpose and legacy endpoints through micro-segmentation and endpoint lockdown
  • Secure remote access to private applications and offer end-to-end access control through tight integration of remote access and a micro-segmentation solution
  • Simplify and automate compliance through micro-segmentation, user access control, and granular reporting capabilities

Moving Forward with Zero Trust

Zero Trust helps addresses the new and agile needs of an organization. Instead of depending on one single network, the Zero Trust model basically tapers the perimeter to be active around any user or device that requests access to data. Such an approach reduces the probability, not only of an attacker effectively infiltrating a network, but also moving and gaining access to high-value targets after breaching it.

There is no doubt that the Zero Trust model has emerged as the top security model that easily adapts to any modern environment and protects the organizations at this time of ever more potent cyberattacks happening in India.

 

The article is by Raja Ukil, SVP Enterprise Business, ColorTokens.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *