How Organizations Can Address Emerging Security Challenges with Zero Trust

Until relatively recently, most organizations focused their cybersecurity efforts on keeping threats outside the network perimeter. An organization’s data and systems operated inside the perimeter, so keeping threats outside was an effective way of protecting IT assets. Users who were inside the perimeter were generally trusted and thus received access across many resources.

But, as technologies and access to resources have evolved, that approach to security doesn't work anymore. Companies can’t trust anyone. Cybercriminals have mastered tactics such as social engineering attacks to compromise users. Indeed, the easiest way to get into an organization is to target users and steal their credentials. Once those credentials are compromised, cybercriminals can use this access as a launching point to attack anything else that they want within the perimeter.

Organizations can address this problem by not allowing access to anyone who can’t verify his or her identity as a trusted user. This is the nature of the zero-trust approach to cybersecurity. Implementing this approach eliminates the weak point of implicitly trusting other people. By following a never trust/always verify policy, that implicit trust is eliminated, and any nefarious activity can be blocked.

Research indicates that more than half of organizations have implemented zero-trust initiatives. As I work with CDW customers, I see some common challenges. Because zero trust is a new way of approaching security, many organizations are still looking at it as a product that they can purchase. What they need to do is change their thinking and realize that zero trust is a mentality; it’s an approach.

There are products that can help organizations improve the effectiveness of their zero-trust implementations, but the first step is to adopt that overarching philosophy. IT teams must establish strategies for how they will secure specific elements in their IT environments, such as users and cloud resources.

However, many IT teams don’t have enough resources to effectively carry out their zero-trust strategies. Implementing a new approach requires time and effort, and most teams are challenged simply to fulfill their day-to-day responsibilities. I’ve seen many organizations turn this situation around after getting help from outside experts. A trusted partner can start putting these pieces together and coming up with a more seamless philosophy.

As organizations start looking at solutions to help them achieve their goals for zero trust, they should carefully consider their specific needs. Organizations with extensive cloud infrastructure or widely dispersed remote users need solutions that can provide effective security in those environments. For example, in remote environments, a secure access service edge solution can provide access only to authorized users.

A conventional VPN also can serve as an effective tool for limiting access to authorized users to the specific resources they need for their roles. Identity and access management tools enable organizations to identify users and what level of access they need, and then dynamically assign access to those resources.

Network access solutions such as firewalls have long been a staple for security, but firewalls today are much more than what they used to be. They’re intelligent and they have a number of features that provide IT teams with granular control of an environment. For example, an organization could tie its authentication solution into its firewall, blocking users who fail to authenticate. Firewalls also can provide segmentation capabilities that allow IT teams to set up specific zones for users such as administrative or human resources personnel.

Once organizations have identified the tools that they plan to implement within their zero-trust strategies, the next step is getting those tools to work together. OpenAPI has emerged as a valuable tool for integrating various solutions from different vendors and getting them to share data. This improves the quality of data security logs and provides an opportunity for security professionals to take advantage of artificial intelligence. AI is increasingly being used by cybercriminals to carry out attacks,  but it can also serve as a tool for organizations to improve their defenses.

For example, AI can help organizations engage in threat hunting, where they proactively search their networks for signs of a breach. There is a massive shortage of skilled cybersecurity professionals globally, and automation capabilities such as this can help IT teams extend the reach of their personnel. As organizations mature their zero-trust initiatives, incorporating AI and other automated solutions can help them improve the effectiveness of their efforts while reducing the burden on IT professionals.

Story by David Stuart