Zero Trust

The majority of data breaches are down to compromised credentials that allow privileged access to corporate systems, in particular infrastructure secrets such as API keys, certificates, database passwords and access keys.

Keeper Security is launching a new solution to help businesses in securing these secrets. Keeper Secrets Manager is cloud-based, fully-managed and uses innovative security architecture.

Zero trust has been one of the security buzz phrases of the past year and control of identity and credentials is likely to remain a focus for businesses and consumers alike, especially as the work from home trend looks set to continue.

Here's what some of the experts think the identity field holds for us in 2022.

A new survey of over 1,000 IT security professionals finds that 75 percent of organizations recognize zero trust as being important to bolstering their overall cybersecurity posture.

However, the study conducted by Dimensional Research for One Identity also shows only 14 percent have fully implemented a zero trust solution. Another 39 percent of organizations have begun to address this need, and an additional 22 percent say they plan to implement zero trust over the course of the next year.

It's easy to pigeonhole cybersecurity as something for the IT or security team to look after. But a major cyberattack can have a devastating impact on the business as a whole.

It's important, therefore, that security be looked at in the context of the entire enterprise. This also means considering approaches like 'assumed breach' where you accept that sooner or later attackers will succeed in getting into your network.

Most things have a day or a week or a month nowadays, and as you're reading a tech news site it probably hasn't escaped your attention that October is Cybersecurity Awareness Month.

But just in case you missed it in all of the Windows 11 excitement, here's a round up of what some leading industry figures have to say on cybersecurity, and why we need to be aware of it.

The zero-trust model is an enigmatic animal. Sometimes you think you already know and understand it, but you may end up realizing there’s still a lot to learn. This quandary can be exemplified by the use of firewalls to protect an organization’s networks and IT resources.

Traditional firewall software has already ceased to be useful in putting up meaningful security for organizations. The same goes for legacy firewall appliances. However, firewalls have evolved to provide more features and functions that address present-day threats.  As network security specialist Ruvi Kitov suggests, "firewalls are not going anywhere." They just evolve and add new features to address new needs.

Organizations are prioritizing strategic security programs but are missing the capabilities they need to make meaningful changes to their security posture according to a new report.

The study by ReliaQuest, in partnership with Ponemon Research shows that 48 percent of organizations are prioritizing implementing zero trust principles as part of their security strategy.

As the business network landscape has become more complex, many organizations are turning to zero trust network access (ZTNA) in order to boost their security. It's also replacing or supplementing older technologies like VPN.

We spoke to Kurt Glazemakers, CTO at secure access specialist Appgate who believes that there is a solid business case for ZTNA as well as a security one.

Although COVID-19 has meant a change to remote working, six out of 10 respondents to a new survey by Thales are still relying on traditional security tools and 44 percent are not confident in their ability to scale to remote work.

The study of 2,600 IT decision makers, commissioned by Thales and conducted by 451 Research seeks to better understand the new security risks and challenges caused by the rise of remote working and cloud transformation.

How many people do you trust with your credit card information? Or your social security number? For most people, the answer is zero (unless you’re married, in which case the answer might still be zero). What many don’t realize is that there are far more damaging security risks than a stolen credit card number. Namely, your internet browser. We don’t often fully appreciate how much our browsers know about us. We use them for our email, shopping, sensitive company data, and yet we leave our browsers more vulnerable than the wallets in our pocket. The truth is a compromised browser might have you wishing you’d just lost your wallet.

Even though we’re always looking out for pickpockets, hackers may well be just as ubiquitous. Following the post-COVID digital boom, the last six months have seen a sharp rise in cyber attacks taking advantage of the security gap that comes with shifting entire enterprises to a remote environment. Companies scrambled to introduce short-term fixes like scaling existing VPNs to connect employees to a central network, but the cost and complexity meant that this approach simply wasn’t going to work to support long-term remote operations. In fact, many companies struggled to expand their efforts to implement VPNs as a remote security measure that could support today’s mobile workforce, and as a result, it is likely that this outdated technology will be  abandoned altogether in the near future.

Almost all UK business leaders and IT decision makers either plan to or have already started implementing zero trust strategies at their organizations according to new research from Illumio.

The research also looks at the barriers that prevent organizations from adopting zero trust. The main technological barriers include legacy systems that can't be upgraded (29 percent) and cost constraints (22 percent).

As a big chunk of the world suddenly started to work from home during the pandemic, many companies turned to VPNs as a means of securing remote access.

However, as more systems are now in the cloud and secured using zero trust network access (ZTNA) is the age of the VPN over? We spoke to Robert Byrne, field strategist at One Identity to find out.

As the enterprise IT landscape has become more complex, security is no longer a matter of simply securing the network perimeter. The cloud and remote workers now have to be part of the equation too.

In order to cope with this, more and more businesses are turning to the use of zero trust methodology. We spoke to James Carder, CSO of SIEM platform LogRhythm to find out more about why this is a technology whose time has come and how it can be implemented effectively.

As enterprise boundaries have become more flexible, older authentication models of security have begun to look increasingly outmoded.

A new survey of 150 IT security decision makers carried out by ThycoticCentrify finds that 71 percent of contributors agree that a distributed workforce makes a zero trust security strategy even more critical.

Since the idea of Zero Trust was first proposed back in 2010 it's sparked interest from organizations of all sizes.

But why is Zero Trust seen as a game changer when it comes to protecting organizations and data? We spoke to Jason Clark, chief security and strategy officer at Netskope to find out.