By Richard Enderby, Cyber Security Practice Lead
No organisation, regardless of size, industry sector, or geographic location, is immune to a cyber-attack. As technology has evolved, networks have become more complex, and cyber exploits have become more sophisticated, elusive, and targeted.
The increasing popularity of network-connected smartphones and other devices means the number of ways to compromise a company has increased exponentially. Today's digital organisation requires a more integrated cybersecurity approach, one built around the concept of Zero Trust.
Detection and remediation are no longer effective strategies. Instead, companies must look towards active prevention if they are to safeguard their network infrastructure. According to the Check Point Cyber Security Report 2020, last year saw an escalation of sophisticated and targeted ransomware exploits. This means attackers are spending more time gathering intelligence on their victims to achieve maximum disruption and scale up ransoms. Such has been the severity of the attacks that the FBI has softened its previous stance on paying ransoms. It now acknowledges that in some cases, businesses need to evaluate their options to protect their shareholders, employees, and customers.
Adding to the complexity of the environment, the use of connected Internet of Things (IoT) devices will accelerate as 5G networks are rolled out. These devices will increase networks’ vulnerability to large-scale, multi-vector cyberattacks. IoT devices and their connections to networks and clouds have long been the weak link in security. It is difficult to gain visibility into these devices, which can have complex security requirements.
Security done differently
Therefore, a more holistic approach to IoT security, combining traditional and new controls to protect these ever-growing networks across all industry and business sectors, is critical.
Check Point expects the new generation of security to be based on nano security agents. These micro-plugins can work with any device or operating system in any environment, controlling all data that flows to and from the device, and giving always-on security.
Currently, most security solutions are based on detection engines built on human-made logic. Keeping these current against the latest threats and across new technologies and devices is impossible to do manually. This is where artificial intelligence (AI) will come into play. The technology will dramatically accelerate the identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities, and develop more evasive malware.
Enter Zero Trust
Zero Trust security is no longer just a concept. It has become an essential security strategy that helps companies protect their valuable data in a ‘perimeter-everywhere’ world. Implementing Zero Trust Networks, the key principle of this model, is crucial in preventing malicious lateral movement within the network.
The idea is to segment the network by placing multiple inspection points within it to block malicious or unauthorised lateral movement. This means that in the event of a breach, the threat is easily contained and isolated. The best practice is to create very granular segmentation by defining a ‘least privilege’ access control strategy, where users can gain access only to the resources that they are meant to use. For example, access to source code should be granted only to R&D team members. This way only the absolute minimum of legitimate traffic between segments is allowed, while everything else is automatically denied.
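The default-deny segmentation described above, as an added example that is not part of the original article: a small Python policy check in which only R&D may reach the source-code segment. The segment names, address ranges, port and sample flows are all constructed assumptions.

```python
import ipaddress

# Constructed segments (assumed address plan, not from the article).
SEGMENTS = {
    "rnd": ipaddress.ip_network("10.10.0.0/24"),
    "finance": ipaddress.ip_network("10.20.0.0/24"),
    "source": ipaddress.ip_network("10.30.0.0/28"),  # source-code servers
    "iot": ipaddress.ip_network("10.40.0.0/24"),
}

# Explicit allow list: (source segment, destination segment, destination port).
# Any inter-segment flow not listed here is denied.
ALLOW = {("rnd", "source", 443)}


def segment_of(addr):
    """Return the segment name containing addr, or None if it is unknown."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return None


def decide(src, dst, port):
    """Decision an inspection point between segments would make for one flow."""
    s, d = segment_of(src), segment_of(dst)
    if s is None or d is None:
        return "deny"   # unknown endpoints are never trusted
    if s == d:
        return "local"  # stays inside one segment, crosses no inspection point
    return "allow" if (s, d, port) in ALLOW else "deny"


def audit(flows):
    """Return the flows that would be blocked: candidate lateral movement."""
    return [f for f in flows if decide(*f) == "deny"]


FLOWS = [  # constructed sample flows
    ("10.10.0.15", "10.30.0.5", 443),   # R&D workstation to source code
    ("10.20.0.8", "10.30.0.5", 443),    # finance to source code
    ("10.40.0.77", "10.10.0.15", 445),  # IoT device to R&D workstation
    ("10.10.0.15", "10.30.0.5", 22),    # R&D to source code, unlisted port
    ("192.0.2.9", "10.30.0.5", 443),    # address outside every segment
]

if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, decide(*flow))
```

Only the first flow is allowed; the denied flows are the ones worth alerting on, since each is an attempt to cross a segment boundary without an explicit rule.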
However, even if a company is equipped with the most comprehensive, state-of-the-art security products, the risk of being breached cannot be eliminated. Detecting and automatically blocking the attack at an early stage can prevent damage. To win the cyber security battle, companies need strong threat intelligence, threat prevention technology, and a consolidated security architecture that protects all attack vectors.