Articles about Zero Trust

As enterprises move more data to the cloud and grant higher levels of third party access, attackers are increasingly targeting non-traditional user populations that may not be adequately protected.

But a new survey of CISOs from identity specialist CyberArk shows that security teams are shifting to zero trust in response to these changing attack patterns.

Continue reading →

A new report from Akamai looks at the technology shifts and usage patterns of 2020 noting a 30 percent jump in internet traffic thanks to COVID-19 lockdowns.

It also highlights criminals taking advantage worldwide, targeting all business sectors and industries, including information technology and security.

Continue reading →

When the coronavirus first appeared, organizations everywhere were forced to accelerate digital transformations to comply with stay-at-home orders and maintain business continuity. Now, thanks to the heroic efforts of IT and security teams to adapt to new challenges, we have a luxury we didn’t just over a year ago: time.

Today we can proactively think through new technologies and make long-term, strategic decisions about how they affect organizational strategy. And one of the most valuable ways that security pros can get ahead of the next challenge is by thinking through and scaling up their organization’s zero-trust mentality. Let’s look at what we mean by 'zero trust' and some tips for implementing it effectively:

Continue reading →

We've already looked at the possible cybercrime landscape for 2021, but what about the other side of the coin? How are businesses going to set about ensuring they are properly protected next year?

Josh Bregman, COO of CyGlass thinks security needs to put people first, "2020 has been incredibly stressful. Organizations should therefore look to put people first in 2021. Cybersecurity teams are especially stressed. They've been tasked with securing a changing environment where more people than ever before are working remotely. They've also faced new threats as cyber criminals have looked to take advantage of the pandemic: whether through phishing attacks or exploiting weaknesses in corporate infrastructure. Being proactive, encouraging good cyber hygiene and executing a well thought out cyber program will go a long way towards promoting a peaceful and productive 2021, not least because it will build resiliency."

Continue reading →

The idea of commuting to an office space for work increasingly feels like an outdated approach, especially as we are months into stay-at-home orders amid COVID-19. However, not long ago, some businesses were resistant to the idea of remote work, citing fears such as reduced employee output.

Fortunately, as organizations across all industries were forced to rapidly support remote work, many have been pleasantly surprised by continued, high levels of employee productivity, putting previous fears about diminished output to rest. Unfortunately, many organizations are still fumbling to put security infrastructure in place that enables remote work productivity without compromising security. In fact, 33 percent of organizations were not sufficiently prepared to support remote operations at the beginning of the pandemic, and many IT teams have been finding that they are in need of meaningful changes.

Continue reading →

After 2020 managed to turn most of the world on its head, making predictions for 2021 might seem to be a bit risky. Plenty of industry experts have been doing so, however, which means that it's time for our usual seasonal round ups of what you can expect to see from the technology world next year.

One of the biggest impacts of 2020's pandemic has been on networks as more people than ever have switched to remote work. Let's have a look at how the industry thinks this will play out in 2021.

Continue reading →

Securing enterprise networks has always been a challenge, but 2020 and the shift to remote working has made it even more so.

Fortunately secure SD-WAN technology can help businesses to deal with the new landscape as well as reducing costs and making strong security accessible to more organizations. We spoke to Mike Wood CMO of Versa Networks to find out more.

Continue reading →

The move towards zero trust has been one of the big security stories of 2020, driven by a switch to remote work, but so far it has been largely the preserve of bigger organizations.

Now though JumpCloud has added Conditional Access policies to its Directory Platform, enabling IT admins to adopt zero trust security from the same cloud platform that they use to manage and securely connect users to IT resources.

Continue reading →

Paying off a bad actor for successfully implementing ransomware into an organization is the enterprise equivalent of rewarding a bad child who vandalized a home with candy -- but unfortunately, many organizations often have no choice but to pay… and pay a lot.

Technology has enabled asymmetric attacks. In other words, one attacker can federate an attack across many organizations. The attacker needs to get the attack right once -- while the defenders (corporations, governments, hospitals, etc.) need to get their defense right every… single… time!

Continue reading →

With many large enterprises using Active Directory (AD) and Azure Active Directory (AAD) to control user permissions and access, this has become one of first places attackers look for weakness.

Add to this an acceleration of digital transformation projects due to the pandemic and more and more companies are looking to implement zero trust to stay secure. But a new report from One Identity suggests this transition may prove challenging.

Continue reading →

Virtual private network (VPN), software defined perimeter (SDP), zero trust network access (ZTNA), there are plenty of technologies around for protecting remote access to enterprise networks.

This is an area that's been thrown into sharper focus this year, but what's the best option for keeping remote access secure? We spoke to Scott Gordon, CISSP for Pulse Secure to discuss the value of the different options available.

Continue reading →

With upwards of two-thirds of UK adults set to work remotely for the remainder of this year, it’s clear that the pandemic will create a larger attack surface, and increase opportunities for cyber criminals. In effect, the enterprise perimeter has not only expanded but it has also become much more distributed.

Likewise, modern cyber attacks are not just limited to network intrusion from the outside. Internal threat actors can often be found at the center of sophisticated attacks. Therefore, today, threats come from both inside and outside the organization, via the business partner and supplier ecosystem, and through employees working remotely. This means we need to re-assess and re-think the way we defend our networks, users and data. For example, organizations will need more support around connecting and managing BYOD devices on the home network, including sharing of policies and tools around sensitive data, which could be accessed via insecure Wi-Fi. Additionally, with ransomware, phishing and DDoS attacks growing exponentially, they will also be looking for technologies that enable them to protect networks from cyber attacks, especially those that threaten network availability.

Continue reading →

Productivity and security can pull enterprises in different directions. Especially in the age of remote work when IT decisions are largely being dictated by the needs of a dispersed workforce. Let’s not forget, that remote work isn’t about an employee in a satellite office equipped with on-premise security infrastructure.

Remote work is about end users who work whenever, wherever, and from any device they choose. While this model has great productivity benefits, it’s placing IT and security teams on the backfoot and forcing them to protect business critical data in more places than ever before.

Continue reading →

As WFH continues and bad actors and cyberthreats thrive, it is more critical than ever before for organizations to have a robust cybersecurity strategy in place. The best way to get started? Leverage Zero Trust.

The chief concern security teams have is keeping threats and attacks out of their organizations. This is why CISOs make significant investments in security controls that protect important vectors like the network, data center, cloud, email and endpoint. This defense-in-depth approach is essential to detect and block threats, but they need to be bolstered with Zero Trust capabilities. Why? Simply put, because attacks and breaches continue to occur. In fact, we know that 64 percent of CISOs believe their organization is more likely to experience a data breach due to COVID-19, and an additional 30 percent of CISOs have seen more attacks on their IT systems as a direct result of COVID-19.

Continue reading →