Tuesday, February 7, 2023


Companies are slow to “mask” with zero trust cybersecurity protocols

A new study from Gartner predicts that by 2026, only 10% of companies will use zero-trust protocols against cybersecurity exploits.

A hologram with inscription that says Zero Trust.
Image: Alexander/Adobe Stock

Ernest Hemingway said the best way to find out if you can trust someone is to trust them. This is terrible advice for network security, where zero trust, created nearly two decades ago by John Kindervag, has become a standard for many organizations, especially since the coronavirus pandemic and the advent of remote work.

Nevertheless, like an N-95 mask against malware and data exfiltration, companies are a bit slow to put it on. Gartner released a report predicting that by 2026, only 10% of large enterprises will have a “mature and measurable zero-trust program.”

That percentage is less than 1% today, according to the company, which reported that while zero trust is top-of-mind for most organizations as a critical risk reduction strategy, few organizations have actually completed zero trust implementations.


A farewell to implicit trust

According to John Watts, VP Analyst at Gartner, many organizations have set up their infrastructure with implicit rather than explicit trust models to facilitate access and operations for employees and workloads.

“The main risk addressed by zero trust is to prevent attackers from exploiting implicit trust,” he said. “It helps limit the damage from attacks by better segmenting access so that when an incident occurs, fewer assets and systems are affected. The damage caused by the infection of a vendor’s software installed in an environment can be limited to a smaller segment of trusted applications.”

He explained that implicit trust refers to workloads and devices that are granted too much trust for access on the basis of limited factors, such as a request coming from a local IP address behind a perimeter firewall, when authorizing devices, workloads, and accounts for access.

“Explicit trust refers to workloads and devices that require more context (e.g., location, time, attitude, successful multi-factor authentication) when authenticating and authorizing devices, workloads, and accounts for access,” said Watts.


Have (or don’t have) a zero trust engine

Watts added that a working zero trust framework, including zero trust software, should make it possible to:

  • Identify and prevent scan and exploit attacks against web-facing applications and services intended for the extended workforce.
  • Prevent lateral movement of malware by restricting access to resources on a network instead of allowing open connections.
  • Deploy a risk and trust ‘engine’ to control access.

Those engines are built on analytics that analyze things like account activity, user authentication strength, device characteristics, and other parameters in near real-time to calculate a risk score. If the risk score rises above a certain threshold, an action such as isolating the device, forcing a second factor of authentication, or suspending a user’s account should be initiated.
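A small sketch of such an engine, added here as an illustration and not taken from Gartner or any product, contrasts the implicit-trust check (a local source IP) with a score built from the signals named above. The field names, weights, thresholds and sample requests are all assumptions constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Illustrative assumptions, not values from Gartner or any product.
INTERNAL_NET = ip_network("10.0.0.0/8")
THRESHOLDS = [(80, "suspend_account"), (55, "isolate_device"),
              (30, "require_second_factor")]

@dataclass
class AccessRequest:
    source_ip: str
    mfa_passed: bool              # user authentication strength
    device_managed: bool          # device characteristics
    device_patched: bool
    failed_logins_last_hour: int  # account activity
    unusual_location: bool

def implicit_trust_allows(req: AccessRequest) -> bool:
    """Perimeter model: a local source address is the only factor checked."""
    return ip_address(req.source_ip) in INTERNAL_NET

def risk_score(req: AccessRequest) -> int:
    """Combine the signals into a 0-100 score (higher means riskier)."""
    score = 0
    score += 0 if req.mfa_passed else 30
    score += 0 if req.device_managed else 25
    score += 0 if req.device_patched else 15
    score += 20 if req.unusual_location else 0
    score += min(req.failed_logins_last_hour, 5) * 6  # capped at 30
    return min(score, 100)

def decide(req: AccessRequest) -> str:
    """Return the first action whose threshold the score reaches."""
    score = risk_score(req)
    for threshold, action in THRESHOLDS:
        if score >= threshold:
            return action
    return "allow"

# Constructed sample requests.
INSIDE_UNMANAGED = AccessRequest("10.1.2.3", False, False, False, 4, False)
REMOTE_HEALTHY = AccessRequest("203.0.113.7", True, True, True, 0, False)
INSIDE_NO_MFA = AccessRequest("10.4.5.6", False, True, True, 0, False)

if __name__ == "__main__":
    for r in (INSIDE_UNMANAGED, REMOTE_HEALTHY, INSIDE_NO_MFA):
        print(r.source_ip, implicit_trust_allows(r), risk_score(r), decide(r))
```

The first sample is the case the perimeter model gets wrong: it is admitted on source address alone, while the score-based decision suspends the account.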

A portable firewall

Zero trust implements much smaller perimeters around resources instead of one big perimeter like the traditional single-firewall model, but Watts noted that zero trust is just one method of reducing risk. Scope is critical because not everything can be placed behind a set of zero trust checks. For example, legacy systems such as mainframes or public applications for citizen and consumer use are typically excluded from zero trust architectures.

Unfortunately, Gartner analysts also predicted that by 2026, more than half of cyber-attacks will target areas that zero trust controls do not cover and cannot mitigate, such as API threats.

Zero trust implementation itself is also vulnerable to threats such as insider attacks and account takeovers, according to Watts, who said organizations must address this threat by implementing advanced analytics.

APIs: islands in the threat stream

In a report last fall, the company predicted that:

  • By 2025, less than 50% of enterprise APIs will be managed.
  • By 2025, at least 70% of organizations will implement specialized runtime protection only for the public APIs they produce, leaving other APIs unchecked and lacking API protection.
  • By 2026, 40% of organizations will select their web application and API security provider based on advanced API security and web application security features – up from less than 15% this year.

Finally, earlier this month, Gartner predicted that global IT spending would reach $4.5 trillion by 2023, up 2.4% from 2022, albeit less than the previous quarter’s forecast of 5.1% growth.

“As inflation continues to erode consumer purchasing power and drive down device spending, overall enterprise IT spending is expected to remain high,” the company said.
