Cybersecurity : Zero Trust is a digital business enabler
Blame it on the pandemic but shifts to work-at-home and back-to-office along with greater dependency on technology have thrown enterprise IT teams in total chaos. And, cybercriminals thrive in chaos. Here’s a quick reality check. A recent report by IBM finds that Asia is now the most targeted region for cyberattacks, representing 26% of attacks analysed in 2021. India features in the top-three list with financial services and manufacturing sectors being the most targeted industries. Furthermore, cost of a data breach in India averaged Rs 17.6 crore in 2022, a 6.6% increase from 2021, reveals Tushar Haralkar, security software technical sales leader, IBM Technology Sales, India/South Asia.
The only way to provide comprehensive protection for users —employees, customers, vendors, partners — is to move security and access controls to the cloud. In this context, Zero Trust approach to security is seeing increasing adoption, especially in environments that are no longer contained within the traditional office network, but have spread far beyond.
“The pandemic has been both a crisis and an opportunity for increasing Zero Trust adoption among enterprises of all sizes,” says Haralkar. “With Zero Trust, visibility, detection, and prevention work together to secure the most valuable and sensitive data assets of firms. Additionally, smaller firms are using the Zero Trust model to reduce compliance costs and scope,” he adds.
Also Read: Google removes 16 apps from Play Store for this reason; check the full list here
With the Zero Trust approach, breach costs are already being controlled without adding more technology. In fact, as per the Cost of Data Breach report, organisations in India that are in the advanced stages of adopting the Zero Trust model experienced a total cost of Rs 15.1 crore as a result of a data breach as opposed to organisations that have not yet begun Zero Trust deployment and have experienced a total cost of Rs 24.6 crore, Haralkar says.
To be sure, Zero Trust is not a product, it is an overall security strategy that has to be aligned to business goals. As a first step to designing a Zero Trust Architecture, it is important to keep in mind the maxim ‘Never Trust, Always Verify’ – which is to never assume that any user, application, device, or process is trustworthy. Instead, continuously evaluate whether someone or something should have access to sensitive data based on contextual information. The second point is ‘Least Privilege’, which means providing minimal access required to perform certain job functions. Lastly, businesses should ‘Assume Breach’ by identifying threats and automating responses that do not just stop the immediate attack but dynamically adapt access controls as well.
It’s important to note, however, that implementing Zero Trust by itself is not the complete solution to modernising the security posture. By stacking multiple security technologies into one platform, extended detection and response (XDR) assists in completing Zero Trust’s comprehensive security monitoring requirements. By combining zero-trust security with XDR protections, even the most distributed workforce is protected across all users, applications, and environments.
“As one of the leading providers of enterprise security products and services, IBM delivers XDR and Zero Trust when it comes to aligning strategy with business objectives. It protects the data of users’ applications and modernises the entire platform by ensuring that it is a platform-based approach, rather than a point-based approach,” Haralkar points out. Key aspects of its Zero Trust offering are designed to put security everywhere, so businesses can thrive anywhere. “We align the security strategy to the business, protect identities, data, apps, endpoints, and cloud, manage defences against growing threats and modernise security architecture with an open platform,” he summarises.
DIGITAL DANGERS
Asia is now the most targeted region for cyberattacks
Average total cost of a data breach in India stood at Rs 17.6 crore in 2022
Financial services and manufacturing are targeted the most
Total cost of a data breach for a firm in the advanced stages of Zero Trust deployment is Rs 15.1 crore compared to Rs 26.1 crore for those who have not yet taken the Zero Trust road
Gloss