4 MINS READ
Service
Cyber Security
Data and Cybersecurity to Fight off Cyberattacks
HIGHLIGHTS
- To trust or not to trust is no longer a question. Organizations must secure their ecosystems to thrive in the digital era. The traditional castle-and-moat security approach no longer works.
- To break the cyber-attack chain, organizations must shift to a contextual, adaptive, risk-aware, and resilient security model.
- A zero-trust model secures both internal and external entities of an organization without any bias and provides a holistic approach to cyber defense.
On this page
Why zero-trust security
An organization's security system must be based on five tenets.
Companies interact with external entities and access outside systems every day. This is a must-do to collaborate, survive, and reach digital customers—but it also introduces new vulnerabilities.
According to the US Treasury, enterprises forked out over $600 million in ransomware-related payments during the first half of 2021. One thing is clear: every organization’s security system should be stronger than ever to ward off threats. And these systems must be based on five tenets.
- Evolve with the pace of digital transformation
- Protect distributed business-sensitive data
- Meet data security and privacy regulations
- Achieve convergence of information technology (IT) and operational technology (OT)
- Secure technologies such as 5G, cloud, XaaS, and IoT
Zero-trust security and cyber resilience solution is an upgraded model–where nothing is left to chance and the architecture itself is context-aware, risk-driven, and adaptive enough to counter modern threats. This type of model can enable businesses to confidently pursue digital transformation without the fear of security breaches and reduce time-to-value.
Start with the basics
Zero-trust security is centered on preventing unauthorized access to digital resources.
We suggest implementing an organized control system for every access request using a trust broker that validates authorization and authentication at every level.
But a trust broker is just the start. The following best practices will help you on your zero-trust security journey:
- Resource visibility: Ensure visibility into the resources you need to protect, and eliminate security blind spots.
- Zero-attack surface (micro-perimeter): Prevent unauthorized human or non-human access by enforcing right access controls.
- Principle of least privilege: Provide minimum access and permissions to employees to deliver required business outcomes. Segregation of duties must be enforced to avoid conflict in access.
- Data-centric security: Move the security and privacy controls closer to data as it moves across internal and external security boundaries.
- Risk-driven approach: Identify critical risks and create a customizable IT risk roadmap that can adapt to changing threat landscape.
- Security visibility and analytics: Ensure all key security events in networks, workloads, and security components are logged, centrally correlated, and analyzed to derive insights using SIEM (security information and event management) and UEBA (user and entity behavior analytics) technologies. This will fine-tune security policies for adaptive security controls and expedite breach investigations.
- Security Orchestration Automation and Response (SOAR): Automate incident response processes and auto reconfigure security devices. While still in the early stages of maturity, SOAR tools and technologies provide the latest weapon in the zero-trust security armor.
Adopt best practices
Organizations can elevate their cyber defence by implementing an end-to-end zero-trust security model.
While the above-listed principles form the building blocks of zero-trust security, implementing them enterprise-wide can be complex—particularly while transforming existing cyber security practices and culture. Follow these best practices to mitigate common roadblocks:
Focus on cyber hygiene: Maintain basic cyber hygiene before planning zero-trust security adoption. The basic six controls outlined by the Center for Internet Security (CIS) can be a good starting point.
Holistic zero-trust strategy: Assess, reuse, replace, and/or rebuild existing security solution options. Prioritize adoption basis business requirement, transformation roadmap, availability of security controls, investment, and enterprise threat exposure.
In-built security controls: Zero-trust security must be integrated with overall enterprise transformation journey to ensure effective implementation and avoid being pushed back as an afterthought.
Continuous review and enhancement: Protect your ecosystems by setting up regular review cycles.
Frictionless user experience: Ensure a highly responsive trust broker solution component while evaluating complex access policies in real-time.
Frictionless journey
Stay one step ahead of cyber-attacks with a phased approach to zero-trust security.
Every organization is unique with varied security needs. A one-size-fits-all approach to zero-trust security implementation isn’t viable. However, a phased approach—can ensure you stay one step ahead of cyber-attacks.
Step 1 - Maturity assessment
Understand the starting point of your zero-trust journey – a business unit, IT department, or enterprise level. Assess your resource visibility, maturity of basic security controls, threat exposure, existing technology landscape, etc., to gauge your maturity level.
Step 2 - Strategy, architecture, and roadmap definition
Carve out a broader strategy and plan for zero-trust security:
Draft an architecture blueprint to meet target state maturity
Reuse existing tools to avoid unnecessary procurement
Carefully evaluate new tools if existing tools are insufficient
Prepare a business case
Outline phases and clear timelines
Developing roadmap for strategic and tactical initiatives
Step 3 - Foundation phase (tactical initiatives)
Address the gaps in the six Center for Internet Security (CIS) controls and pick easily addressable issues from the strategic stream:
- Identification and classification of business-critical data
- Data flow definition and mapping
- Asset inventory
- Security monitoring and analytics
- Secure configuration of end-points, servers, network, and security devices
- Continuous vulnerability management
- Set up multi-factor authentication (MFA) for critical access paths
Step 4 – Strategic implementation phase
With cyber hygiene addressed in Step 3, organizations should embark on strategic initiatives, which will enable incremental implementation of advanced cyber security controls (for instance, privileged access management, risk-based access governance, micro-segmentation, etc.). These integrated set of advanced and granular controls would ensure realization of zero-trust principles mentioned above.
Duration for each of the above steps vary across organizations depending upon their size and complexity. The overall zero-trust journey in general would span from one to three years. Organizations must take a holistic, pragmatic approach to realize value from zero-trust. For example, during the ongoing COVID-19 crisis, organizations that had mature zero-trust security controls seamlessly enabled secure remote access to ensure business continuity. Achieving zero-trust maturity today can prepare you for tomorrow’s next big disruption.
