The Cybersecurity Reset Starts With Zero Trust

BrandPost By Zscaler
Nov 03, 2021
IT LeadershipZero Trust

Organizations worldwide are preparing for a new age of digital defense.

istock 1293730642
Credit: istock

The reset is a new wave of activity and an emerging global trend centered around cybersecurity planning. Businesses worldwide have waged an all-out war against the nefarious attempts of extortion via ransomware attacks and fraud perpetrated by cybercriminals to the tune of hundreds of billions of dollars. The cybersecurity industry has changed beyond recognition to evolve and match shifts in technology, such as the move to the cloud, 5G, AI/ML, IoT, mobile, edge computing — all while accelerating their digital transformation efforts. In addition, systemic cybersecurity challenges have crept up to the top of domestic and international political agendas with organizations realizing that cyber resilience is a public good. Adopting a zero trust architecture is on the priority list of many organizations.

Other factors affecting the great reset include: the emergence of new business models indelibly shaped by ubiquitous access; a proliferation of start-up companies challenging standards and norms; and the pandemic. As the sophistication of attacks increases, so too does the sophistication and cost of the tools required to thwart and mitigate their efforts

Additionally, the cyber defense budget is a growing concern for many small- to medium-sized companies because it drives up the cost of doing business, while eroding margins and profitability. We’ve seen triple-digit percentage increases in ransomware attacks, earning status as a global plague. This endeavor would not be sustained if it were not yielding results. 

Most companies have invested in cyber defense tools that range from anti-virus, endpoint detection, identity and access management, virtual private networks, password vaults, network segmentation, data encryption, and two-factor authentication. As a result, spending fatigue is present within management teams and boards as they struggle to balance the need for risk mitigation with the expense and opportunity costs.

Traditional defenses and tools fit into an architecture that previously served us well. However, in a modern, digital age, this outdated and vulnerable architecture has run its course. Over the next 18 months, expect to see technology and business leaders pushing for newer, more effective, and sustainable solutions. They want to see cybersecurity architecture that is capable of:

  1. Adapting to change, offering a greater return on the investment with a longer effective shelf life.
  2. Leveraging prior investments that were difficult to embed within the organization.
  3. Delivering business flexibility, and cost-effectiveness.
  4. Integrating across an ecosystem of options, technologies, and partners.

Technology leaders are demanding a plan that incorporates everything that we have learned so far. It is as if the world is taking stock and approaching this time as an opportunity to reset—reset the thinking, the design, the coverage, the spending patterns, the maintenance costs, the complexity, the partners engaged, and the effectiveness of integration. The great cybersecurity reset is happening globally. In the wake of the pandemic, technology and business leaders are asking: How can we set up our company for future success? How can we future-proof, innovate, and create the right environment for growth?

Zero trust is the dominant architecture powering a Secure Access Service Edge (SASE) ecosystem

The great cybersecurity reset will become a trend over the next 18 months as companies look to reposition their cyber approach and defenses. It is still early, but the momentum is shifting to a cloud-powered zero trust architecture (ZTA). Zero trust is based on least-privileged access and the principle that no user or application should be inherently trusted. It begins with the assumption that everything is hostile, and only establishes trust based on authentication and context.

A holistic zero trust security model also begins with validating user identity combined with business-policy enforcement based on contextual data from user, device, app and content to deliver authorized direct access to applications and resources. It is guided by three key tenets: connect users and applications to resources to prevent lateral movement of threats; make applications invisible to reduce the attack surface; and use a proxy-based architecture, not a passthrough firewall, for content inspection and security. Several technologies, solutions, and service providers can plug into a ZTA model using an open architecture facilitated by APIs. This ecosystem provides responsive, sustainable, and adaptive coverage and protection.

Unprecedented cooperation and collaboration

The reset is forcing business leaders to collaborate with technologists and the cyber team who need to coordinate the network engineers, telco engineers, IT risk management professionals, infrastructure teams, application development teams, finance, and operations teams in ways that have not been seen in the past. You hear terms like “Bus/Dev/Sec/Fin/Ops” being mentioned in a tongue-in-cheek manner. But this refers to a level of coordination and cooperation previously unseen. This is the new reality for many companies.

Vendors, suppliers, and solution partners can feel the immense opportunity emerging from this amount of change within the industry. With a myriad of options and choices, technology leaders will need to plan and select key partners wisely. Some will ignore this chance to reset at their peril. There is an element of confusion in the industry with the emergence of new acronyms and different partners all fighting for attention. Nevertheless, there will be some important decisions ahead.

The great reset has begun. With it, inevitably, comes exciting challenges that the industry must prepare for to accommodate a new normal. That new normal and great reset starts with zero.