EXPERT SPEAK
WHY EMBRACING A ZERO TRUST SECURITY APPROACH IS INEVITABLE
Achieving a state of zero trust is a continuous journey , and navigating its complexities requires more than just throwing technology at the challenge , instead relying on security trainings and comprehensive user awareness programmes explains Ryan Chapman at SANS Institute .
Momentum for zero trust migration is accelerating across the cybersecurity community . From the Biden Administration ’ s 2023 National Security Strategy to the acceleration of zero trust adoption in the Middle East , nearly 90 % of global organisations have already started implementing basic aspects of a zero trust security model . And in Forrester ’ s 2024 predictions report , analysts forecast that dedicated roles with zero trust in the title are expected to double over the next year .
This is because the need for zero trust authentication has never been clearer . Conventional network security approaches are increasingly vulnerable in today ’ s cloud enterprise environment , where post-pandemic digital transformations , software supply chains , remote work models and bring-your-own-device policies have widened the attack surface .
Cloud-based cyberattacks increased by nearly 50 % in 2022 . Meanwhile , more than 10 million people were impacted by supply chain attacks over the same year .
A zero trust mindset strays away from ineffective network perimeter-based security controls , instead layering defences from the inside out to strengthen safeguards around business-critical data . It prioritizes continuous verification over implicit trust , delivering enhanced protection through granular user authentication , the principle
Ryan Chapman , Certified Instructor , SANS Institute of least privilege , data segmentation , and ongoing monitoring .
By following zero trust principles , organisations can drive a dynamic security posture that transcends legacy limitations to secure sensitive information regardless of user location or network access point .
However , it is important to remember that implementing an effective zero trust framework in 2024 will introduce heightened complexity due to the requirement for additional policies , workflows , and maintenance tasks . Organisations must position their IT employees , many of whom began their careers in the traditional network security era , to facilitate datacentric zero trust implementation .
That starts with ensuring they are trained on the fundamental pillars of zero trust , identity , devices , network , data , and applications , workloads . In addition , silos must be broken down across functional security teams to prevent bottlenecks that hinder zero trust ’ s effectiveness .
Security training
Adopting a new security model without the right transitional measures can negatively impact security posture . Personalised upskilling and reskilling
It is important to remember that implementing an effective zero trust framework in 2024 will introduce heightened complexity due to requirement for additional policies , workflows , and maintenance tasks .
54 www . intelligenttechchannels . com