We all thought that COVID-19 could not deteriorate the cyber risk environment any further, yet the pandemic dealt the supply chain a serious blow in 2021.
Shortages of materials and saturation of ports and terminals were compounded by a lack of containers and pallets, truck drivers, and various other shortcomings, causing disruptions that affected manufacturers, distributors and consumers.
Seizing this opportunity, cybercriminals have escalated supply chain and ransomware attacks on businesses, often employing Ransomware as a Service (RaaS) tools purchased on the dark web.
The current reality is that many cyberattackers simply use weak, stolen, or default stored passwords to log in. According to Verizon’s 2021 Data Breach Investigations Report, 85% of breaches last year had a human element, often involving social engineering, such as phishing emails. According to the United Nations, the number of malicious emails has increased by 600% during the pandemic.
In response, 2022 will be the year in which access controls – security measures intended to govern who can see or use specific computing resources – are tightened, especially at remote sites accessible online.
Never trust, always verify
“Trust but verify” has always been a classic adage in cybersecurity. However, trust has been breached countless times, whether through negligence or malicious intent. This has led to the widespread adoption of the opposite principle: “Never trust, always verify”.
Codified in a set of practices and technologies known as Zero Trust, the default position is that anyone who has not had their identity authenticated and been given explicit permission to be admitted into a secure system is denied access.
The Zero Trust model is something of an evolution of the principle of least privilege, whereby users only have access to the resources they need to complete a task, and only for as long as it takes to do that job.
After the initial authentication, Zero Trust security controls require additional authentication by multiple factors (fingerprint, facial recognition, etc.) and block user access to all applications or services for which they are not authorized. Thus, even if a cybercriminal manages to infiltrate the system, a lateral movement attack can be thwarted.
Although we have been hearing about the Zero Trust concept for several years, it would be wrong to see it as a standard security solution. Rather than a list of checkboxes, it’s more of a mindset guiding each company along a path of its own, determined by its specific infrastructure and goals.
Although difficult to pin down, Zero Trust has been proven to mitigate certain financial consequences. An IBM study reveals that this type of approach helped reduce the average cost of a data breach by more than 40% in 2021.
The Year of Deep Distrust
For most companies, Zero Trust means a major cultural shift. Instead of assuming that users are bona fide, this approach assumes the universal principle that no one should be trusted, blocking malicious individuals and requiring bona fide users to confirm their identities frequently.
This transformation risks harming the ease of use expected by employees within a company, and 2022 could become “the year of deep mistrust”. Yet it will help counter the resurgence of attacks targeting digital systems, which is why solutions can and should evolve to enhance security while maintaining productivity and ease of access.
One way to achieve this balance is to adopt a risk-based approach, with verification measures that vary depending on factors such as user equipment, location, time of access, or the systems and information being accessed.
Zero Trust is like a lie detector that adapts to the potential risk of each interaction and – if implemented correctly – authenticates users with maximum fluidity.
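The sketch below is an added example, not part of the original tribune or any vendor's product: it combines the default-deny and time-limited least-privilege rules described earlier with the risk-based step-up described above. The grants, weights, thresholds, working hours and names are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

UTC = timezone.utc
# Constructed data: explicit, time-boxed grants. Anything not listed is denied.
GRANTS = {
    ("alice", "wiki"): datetime(2022, 12, 31, tzinfo=UTC),
    ("alice", "payroll-db"): datetime(2022, 1, 10, 18, 0, tzinfo=UTC),
}
SENSITIVE = {"payroll-db"}             # assumed data classification
USUAL_COUNTRIES = {"alice": {"FR"}}    # assumed per-user location baseline


@dataclass
class Request:
    user: str
    resource: str
    managed_device: bool
    country: str
    when: datetime
    mfa_done: bool = False


def risk_score(req: Request) -> int:
    """Add illustrative weights for equipment, location, time and target."""
    score = 0
    score += 0 if req.managed_device else 2
    score += 0 if req.country in USUAL_COUNTRIES.get(req.user, set()) else 2
    score += 0 if 7 <= req.when.hour < 20 else 1   # assumed working hours, UTC
    score += 2 if req.resource in SENSITIVE else 0
    return score


def decide(req: Request) -> str:
    """Return 'deny', 'step_up_mfa' or 'allow' for one access request."""
    expiry = GRANTS.get((req.user, req.resource))
    if expiry is None or req.when >= expiry:
        return "deny"              # default deny: no grant, or grant expired
    score = risk_score(req)
    if score >= 5:
        return "deny"              # too risky even with a second factor
    if score >= 2 and not req.mfa_done:
        return "step_up_mfa"       # friction only when the context warrants it
    return "allow"
```

A low-risk request to a non-sensitive system passes without extra prompts, while the same user reaching a sensitive system is asked for a second factor, and an expired or missing grant is refused regardless of score.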
Technologies and techniques ensuring fluidity
There are a number of technologies and techniques available to limit the impact on users. Single Sign-On (SSO), for example, significantly reduces friction because users only have their identity verified once to access different systems and information. However, it is important that passwords are not the only security measure.
A comprehensive Privileged Access Management (PAM) solution enables organizations to seamlessly enforce the principle of least privilege, so users only have access to the data and applications they need, when they need them. In particular, PAM controls the privileges of administrator accounts targeted by adversaries seeking full access to systems.
Endpoint Privilege Management (EPM) is another important tool that addresses the risks of local administrator access exploited by ransomware and other threats. EPM combines application control and PAM so that only trusted and known applications can run on users’ workstations.
Multi-factor authentication (MFA) is also an effective way to apply adaptive authentication and has become very popular with users in recent years thanks to biometrics.
Zero Trust is not a single solution but an approach. Organizations need to determine which controls will reduce risk the most and break down their Zero Trust strategy into several steps. To avoid disruption, this risk reduction must be achieved without a noticeable increase in friction for users.
The adage “Trust but verify” has had its day, just like the habits of not locking your door or leaving the keys in the ignition. When it comes to network access, we’re all going to have to get used to being mistrusted, provided it happens as transparently as possible.
Tribune by Yves Wattel, Vice President Southern Europe at Delinea