2020 will go down in the history books for many reasons, but one may very well be that it was a watershed year for cyber security. Several technology trajectories, including the massive growth in data, the rise in endpoints, and the industrialisation of cybercrime, converged and were amplified by the COVID-19 pandemic and a global, almost overnight shift to remote working.
This, together with headline-making data breaches here and abroad, has fast-tracked several cyber security trends. Two important ones you need to know about, according to Greg Griessel, cyber security technology solutions architect at Cisco, are the Zero Trust security model, and SASE – secure access service edge.
A Zero Trust security model turns our traditional approach to security on its head, says Griessel. Traditionally, we throw our doors open to everyone, and then keep an eagle-eye out for bad apples and ban them from the network. The reality is that today – given the value of our data and the sophistication of cyber-attacks – we need to reverse this.
This is called a Zero Trust security model: by default, no one is trusted. Not the user, not the device, not the network, nor the application. Instead, on a case-by-case basis, and for a limited time only, exceptions are made and continually verified. At Cisco, this is managed along three vectors: workforce (in other words, users); workplace (where the access originates from); and workload (the application requiring access to the corporate network).
1. Workforce
80% of breaches are due to stolen credentials, says Griessel. To protect against this, users need to be verified by multiple factors and at a specific point in time, not forever. Ongoing verification is vital to catch any subsequent compromise.
2. Workplace
Compromised devices are another common cause of breaches: up to six out of ten breaches involve a device. Verification needs to factor in both device location, especially with working from home, and device type. Inevitably IT has more control over devices on the corporate network than those out in the wild, so tighter controls could be put in place over remote devices. Even so, not all devices on a corporate network are equal: does a printer in the corner require the same access rights as an essential server? Further, by their very nature, mobile devices move, and this points to another aspect of Zero Trust: controls need to be dynamic and adapt to changing roles and functions. This adaptability needs to be automated and baked into the network to avoid overwhelming the IT team.
3. Workload
This refers to not only the applications that users access but also the myriad of interconnections that exist between these applications, which may be hosted or sitting in the cloud, and be connected via a corporate network or the internet. Here, the trade-off is between user experience and application performance on the one hand and protecting applications and the organisation’s crown jewels, the data sitting on servers, on the other. Again, in a Zero Trust security model, limited access is granted to what is required depending on the access method.
“The Zero Trust model is a very dynamic environment where you trust nothing and grant trust on a transactional basis,” says Griessel. “And then you continuously verify that trust and make sure that it still exists.”
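The default-deny, per-transaction decision described above can be sketched as follows. This is an added example, not Cisco's product logic or code from the article; the field names, the policy table and the grant lifetimes are all hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

GRANT_TTL = 300  # assumed grant lifetime in seconds; trust is never permanent


@dataclass(frozen=True)
class Request:
    user: str
    mfa_passed: bool       # workforce: user verified by multiple factors
    device_type: str       # workplace: what kind of device is asking
    device_healthy: bool   # workplace: result of a posture check
    on_corp_network: bool  # workplace: where the access originates
    workload: str          # workload: the application being reached


# Hypothetical policy: a printer does not get the same reach as a laptop.
ALLOWED = {
    "laptop": {"payroll", "wiki"},
    "printer": {"print-queue"},
}


def decide(req: Request, now: int) -> Optional[int]:
    """Default deny. Return the grant's expiry time, or None if refused."""
    if not req.mfa_passed:
        return None
    if not req.device_healthy:
        return None
    if req.workload not in ALLOWED.get(req.device_type, set()):
        return None
    # Tighter control for remote devices: a shorter-lived grant.
    ttl = GRANT_TTL if req.on_corp_network else GRANT_TTL // 5
    return now + ttl


def still_trusted(req: Request, expiry: Optional[int], now: int) -> bool:
    """Continuous verification: the grant must be unexpired AND the
    request must still pass the policy with its current attributes."""
    if expiry is None or now >= expiry:
        return False
    return decide(req, now) is not None


if __name__ == "__main__":
    # Constructed sample request, not real data.
    req = Request("alice", True, "laptop", True, True, "payroll")
    expiry = decide(req, now=0)
    print("granted until", expiry)
    print("t=100:", still_trusted(req, expiry, 100))
    print("t=300:", still_trusted(req, expiry, 300))
```

Calling `still_trusted` on every transaction with freshly collected attributes is what catches a device that turns unhealthy halfway through a grant.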
Here, cyber security intersects with another technology trend – the rise of the cloud – that has had its momentum amplified by the pandemic. Working from home has forced even the cloud sceptics and laggards to embrace the cloud to keep day-to-day operations running effectively. And with so many applications and services – up to 90% in some cases – moving into the cloud, and crucially, being accessed via the internet rather than a corporate network, it no longer makes sense to run security in a traditional, hosted, on-premise, centrally controlled way.
SASE therefore refers to shifting security services into the cloud and offering them as a service. This brings security closer to both users and their applications and services, and gives organisations the operational and budgetary agility and scalability to navigate changing circumstances such as working from home.
The SASE vision, Griessel explains, is: “I want security controls, but I don’t want to own them. They must live in the cloud because I don’t want to have people connecting to my on-premise systems as a way of piping traffic through to where it needs to go. As long as users have internet access, we can make sure we get the traffic into a SASE-based cloud security solution, and this then acts as a secure conduit to the rest of the world.”
If these trends sound overwhelming, it’s reassuring to know that organisations don’t need to take a slam dunk approach to either. A phased approach, tactically implementing these models where it makes sense – for instance, there is a compelling use case for SASE with SD-WAN technology – is entirely feasible. Other companies, however, have realised that these are the next logical evolutions in cyber security and have more energetically embraced Zero Trust and SASE across their networks.
Greg Griessel is presenting and joining two panel sessions at Cyber in the City where he’ll be available to answer your questions on these trends and other cyber security issues. Cyber in the City is on 19 November 2020 from 9 am to 1 pm. Visit cyberinthecity.co.za to register.