Zero Trust

Firewalla has announced Firewalla Orange, a portable multi-gigabit firewall and WiFi 7 router built to bring Zero Trust protection to networks in homes, offices, and travel setups. It’s the latest product in the company’s range of cybersecurity devices that includes Firewalla Purple and Firewalla Gold SE.

The new product delivers an advanced security stack that includes intrusion prevention, VqLAN microsegmentation, device isolation, GEO-IP filtering, VLAN support, and Active Protect rules that shut down threats in real time. It’s rated for more than 2Gbps of packet processing, so can support cloud services, smart home devices, and remote work activity.

Organizations face massive mobile security vulnerabilities as they increasingly embrace BYOD and hybrid strategies. At the same time traditional mobile security tools are failing to mitigate these risks while also compromising employee privacy.

A new report from secure virtual mobile infrastructure firm Hypori, based on a survey of 1,000 global security, risk, mobility, and BYOD decision-makers, finds 92 percent of security and risk leaders are facing challenges in zero trust implementation.

Cloudflare has launched new Zero Trust tools in its Cloudflare One platform to help businesses adopt artificial intelligence securely at scale. The features aim to give organizations better visibility into how AI is used, as well as protection from unapproved applications, and controls to safeguard sensitive data, all within a centralized system that can support distributed teams.

Generative AI is now being used by employees across departments, from finance to design, to speed up tasks and create new applications. While this can, and does, help improve efficiency, adoption often happens without security oversight.

New survey data reveals that 49 percent of organizations with privileged access management report fewer security incidents tied to privilege misuse.

The report from Keeper Security, based on a global survey of 4,000 IT and security leaders in the United States, Europe and Asia, explores the motivations driving PAM adoption, the most common obstacles to deployment and the features enterprises consider essential for securing access in today’s cybersecurity threat landscape.

A new survey of 1,000 IT, security, and engineering professionals across North America uncovers a fractured landscape of legacy VPNs, slow manual processes, and overlapping tools -- with 99 percent of respondents saying they'd like to redesign their company’s access and networking setup from the ground up.

The study from Tailscale also shows that 83 percent of IT and engineering professionals admit to bypassing security controls in order to get their work done. Also worrying is that 68 percent say they have retained access to internal systems after leaving a previous employer, revealing critical gaps in offboarding and identity lifecycle management.

New research from Object First shows 81 percent of IT professionals say immutable backup storage built on Zero Trust principles is the best defense against ransomware, and 54 percent view target backup appliances as more secure than integrated appliances.

The report, produced with Informa TechTarget's Enterprise Strategy Group, finds two-thirds of organizations have suffered an attack, and 45 percent experienced multiple attacks. Moreover, 49 percent of affected organizations took up to five business days to recover, and most could not recover all of their data.

The shift to hybrid working means that managing enterprise networks has become more complicated, but legacy remote access solutions fall short in meeting the needs of supporting both managed and unmanaged users and devices.

Unmanaged users don't want to install heavyweight clients designed for managed use, such as VPN or ZTNA clients. Plus, in the case of contractors or consultants who service multiple customers, it's just not possible or practical to install multiple clients.

Industry 4.0 is revolutionizing how enterprises need to operate. Integrating cloud technology, robotics, mobile devices and IoT devices is essential to staying ahead in an increasingly competitive global market. To maximize the benefits of Industry 4.0, however, these technologies must always stay connected to a network.

This has become even more true as IT environments grow to massive scales and unprecedented digital dependencies drive business outcomes. In 2025, network downtime could carry a price tag with consequences we’ve never seen before. Therefore, as businesses look to cellular and/or hybrid approaches to enhance their wireless wide area networks (WWAN), they must depend on four things to create resilient connectivity -- artificial intelligence (AI), satellite, network slicing, and a renewed respect for zero-trust principles.  

Organizations are caught up in a whirlwind of AI adoption, whilst struggling to ensure their security standards can match up. And as the rush to integrate AI into business processes continues into 2025, the time to safeguard its deployment is now.

To-date much of the security discussion around AI has focused on protecting against AI-powered threats. However, an overlooked aspect of AI security lies in the internal workings of AI systems, notably the hidden layers in machine learning models. Understanding the evolving threats to these internal structures is crucial to ensuring the safety and integrity of organizations seeking a security foothold in the current storm of AI adoption.

The state of high-profile cyber incidents in recent years has highlighted the fact that defenses need to be kept up to date to provide adequate protection.

AI and machine learning have the potential to transform security operations to enhance protection against emerging threats. We spoke to Gurucul CEO Saryu Nayyar to get her view on how protection technologies are evolving and why this is so crucial.

Despite its promise, the Zero Trust approach to cybersecurity is often more notional than actual in its deployment. Many companies today are far from getting the most of what a truly Zero Trust system can offer. Gartner estimates that only 10 percent of large organizations will have a mature and comprehensive Zero Trust system by 2026. What’s more, continual reliance on human operators means that by default Zero Trust systems can only be as dependable as the people using them. This awkward fact should be kept in view before we put too much faith in systems that are described as ‘Zero Trust’. However, Zero Trust can be made to live up to its name with the addition of new tools that remove the vulnerabilities of the standard approach to using this system.

Zero Trust works by enforcing a blanket rule that all access requests must be authenticated. Unfortunately, the promise of ‘never trust, always verify’ falls apart when human beings enter the picture. Human beings configure the security tools, make judgments where an exception may be needed, and assemble the underlying IT infrastructure. All of that adds up to a lot of trust in human operators and a major caveat for Zero Trust. 

A new survey, which polled 200 CISOs from companies with annual revenues exceeding $500 million, highlights growing concerns across a number of areas.

The study from Portnox finds worries around the effectiveness of zero trust, the limitations of multi-factor authentication (MFA), and a looming threat to job security amidst an increasingly complex cybersecurity landscape.

A new zero-trust stealth mode browser is being launched by SlashNext, designed to see through obfuscation techniques commonly used by threat actors, and deliver enhanced protection against phishing and malware.

In recent years, well-intentioned companies offering free services such as CAPTCHA solutions and content delivery networks have inadvertently aided threat actors. For example, Cloudflare's Turnstile Services and similar CAPTCHA solutions are commonly exploited as obfuscation techniques. CAPTCHAs are used to block the crawlers employed by security services from accessing and analyzing phishing sites.

As network boundaries can no longer be relied on to define the limits of cybersecurity, zero trust has become the overarching framework that now guides enterprise security strategies.

However, Zero Trust Network Access (ZTNA) has its limitations, especially in application security, and this can open up risk for organizations heavily reliant on SaaS systems.

A new study from Appsbroker CTS finds 79 percent of IT and cybersecurity leaders believe that emerging technologies like GenAI will 'change the game', leaving them unprepared.

In addition 90 percent say the risk and severity of cyberattacks has increased over the past year, while 61 percent believe the attack surface is now 'impossible to control'.