While the concept of Zero Trust was created 10 years ago, the events of 2020 have thrust it to the top of enterprise security agendas. The COVID-19 pandemic has driven mass remote working, which means that organizations’ traditional perimeter-based security models have been broken up, in many cases literally overnight. In this new normal of remote working, an organization’s network is no longer a single thing in one location: it is everywhere, all of the time. Even if we look at organizations that use a single data center located in one place, this data center is accessed by multiple users on multiple devices.
With the sprawling, dynamic nature of today’s networks, if you don’t adopt a Zero-Trust approach, then a breach in one part of the network could quickly cripple your organization as malware, and especially ransomware, makes it way unhindered throughout the network. We have seen multiple examples of ransomware attacks in recent years: organizations spanning all sectors, from hospitals to local government and major corporations, have all suffered large-scale outages. Put simply, few could argue that a purely perimeter-based security model makes sense anymore.
So how should organizations go about applying the Zero Trust blueprint to address their new and complex network reality? These five steps represent the most logical way to achieve Zero-Trust networking: by finding out what data is of value, where that data is going, and how it’s being used. The only way to do this successfully is with automation and orchestration.
Read the full article from CISO Mag here.