Cyberattacks aren’t just a direct threat to an organisation’s income and reputation. In fact, the threat to business continuity is just as concerning as the spectre of data loss.
Our recent research points to the scale of the risk. In 2021, one in five mid-market businesses (21%) suffered a ransomware attack and subsequently paid the ransom. For each successful ransomware attack, businesses are subject to very real disruption, with essential files, systems, or devices locked away. Ransomware can stop workers from fixing the problem and continuing with business as usual, all while employees are blocked from accessing essential information or even the entire network.
No matter the sector, the impact of this kind of disruption can be serious. Whether it’s knowledge-based companies unable to access their email servers and interact with clients, or utilities providers unable to log jobs and request parts, continuity breaches are no joke.
The remote risk
This isn’t a static problem: the scale and complexity of the threats involved are growing exponentially. The corporate boundaries that used to mark the line between ‘safe’ and ‘unsafe’ have dissolved. Work is no longer a place, but an activity, and the pandemic has only accelerated the move to remote work in many industries.
That means defining what’s a safe network, device, or login and what isn’t is now much more complex. Keeping on top of security for hundreds or even thousands of individual users, all connecting via a whole range of setups, seriously increases the risk of a continuity-breaking attack.
Yet our research indicates that over half (51%) of mid-market firms admit they have not purchased cybersecurity products that protect against threats for hybrid and remote workers. And with 41% of organisations admitting that future-proofing their cyber defences ‘needs development’, security needs a fundamental rethink to deliver rapid and secure access across business ecosystems.
Much has been said about the end of the traditional perimeter and the need for organisations to adapt and develop a Zero Trust security stance in response. But what does this mean in practice?
In short, when it comes to providing secure access to network resources, a Zero Trust security model turns the old idea of ‘connect then authenticate’ on its head. Instead, it establishes a paradigm in which trust is consistently re-evaluated based on real-time behavioural data, not a single successful login. Think of it like those scenes in blockbuster movies where the heroes infiltrate the villain’s lair – one mistake and all the alarms in the building are blaring. Zero Trust is more nuanced than that, but the basic principle is the same: if something looks suspicious, stop it first and ask questions later. Don’t just let it keep walking around because it flashed the right badge on the way in.
‘Trust no one’ may seem like an extreme mantra, but in today’s cybersecurity landscape, it’s essential. Here are four key steps to guide you along your way in understanding and implementing a Zero Trust position.
1) Trust no one
This is the cardinal rule for perimeter-less security. The aim is to achieve a Zero Trust position, ensuring that users, devices, and logins are continually assessed and re-evaluated before access is granted to corporate resources. Rather than operating a ‘one and done’ policy, a Zero Trust approach dictates that every attempt to access potentially confidential information or systems should be met with checks and balances.
2) Follow the user
For seamless Zero Trust, security needs to go where people go, flawlessly adapting to whatever device, network or location they are using. Rather than denying access to unrecognised devices or simply requesting a password, businesses need systems that can draw on more complex datasets to make context-aware decisions. In other words, they need…
3) Smarter security
…which can fuse context and identity to understand what ‘normal’ looks like and autonomously respond to suspicious behaviour. Truly smart security systems can analyse data about geolocation, time of day, speed of movement (i.e. logging in from two locations without expending the time required to physically get from one to the other), speed of access (i.e. clicking through files faster than humanly possible), and more to correctly identify risky behaviour – and shut it down.
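The two signals named above, speed of movement and speed of access, can be checked over an event stream as in the following added example (not code from this article or any product it describes). The event fields, thresholds, and sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

# Assumed thresholds for illustration; tune them against your own baseline.
MAX_TRAVEL_KMH = 900.0    # roughly airliner cruising speed
MIN_DISTANCE_KM = 50.0    # ignore geolocation jitter between nearby points
MAX_OPENS_PER_MIN = 60    # more file opens than a person plausibly clicks

@dataclass
class Event:
    user: str
    ts: float      # seconds since epoch
    lat: float
    lon: float
    action: str    # "login" or "file_open"

def haversine_km(a: Event, b: Event) -> float:
    """Great-circle distance between two events' coordinates."""
    p1, p2 = radians(a.lat), radians(b.lat)
    h = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(b.lon - a.lon) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def evaluate(events):
    """Return (user, reason) findings for sessions that should be re-challenged."""
    findings, last_login, opens = [], {}, {}
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.action == "login":
            prev = last_login.get(ev.user)
            if prev is not None:
                km = haversine_km(prev, ev)
                hours = max(ev.ts - prev.ts, 1.0) / 3600
                if km > MIN_DISTANCE_KM and km / hours > MAX_TRAVEL_KMH:
                    findings.append((ev.user, "impossible_travel"))
            last_login[ev.user] = ev
        elif ev.action == "file_open":
            recent = [t for t in opens.get(ev.user, []) if ev.ts - t < 60] + [ev.ts]
            opens[ev.user] = recent
            if len(recent) > MAX_OPENS_PER_MIN:
                findings.append((ev.user, "access_faster_than_human"))
                opens[ev.user] = []   # reset so one burst yields one finding
    return findings

# Constructed sample events (not real telemetry).
LONDON, SYDNEY, MANCHESTER = (51.5074, -0.1278), (-33.8688, 151.2093), (53.4808, -2.2426)
SAMPLE = [
    Event("alice", 0, *LONDON, "login"), Event("alice", 1800, *SYDNEY, "login"),
    Event("bob", 0, *LONDON, "login"), Event("bob", 14400, *MANCHESTER, "login"),
] + [Event("carol", 100 + i * 0.2, *LONDON, "file_open") for i in range(100)]

if __name__ == "__main__":
    for user, reason in evaluate(SAMPLE):
        print(f"{user}: {reason} -> revoke session and re-authenticate")
```

In the sample, the London-to-Sydney login pair 30 minutes apart and the 100 file opens in 20 seconds are flagged, while the London-to-Manchester pair four hours apart is not.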
4) Future-proof your investments
Finally, it’s worth bearing in mind that an effective security system is never static. The demands you face will change, as will the needs of your workforce. Given the need to continuously iterate, it’s advisable to consider combining your network and security services in one place. This will provide rapid, secure business access right across an environment, and enable upgrades without having to laboriously integrate new point products with old ones.
A single platform that provides all your core security requirements in one place is a key consideration for maintaining continuity. It gives you the intelligence and automation to protect an increasingly mobile workforce whatever the future holds.
To find out more about how to implement a Zero Trust approach, download our ebook Your Guide to Implementing Zero Trust