August 31, 2022 Wes Wright Leave a Comment
It seems like there are more acronyms, labels and methods for bolstering security than ever before – and making sense of them all is proving to be just as complex as the infrastructure they’re meant to secure.
One widely embraced term, zero-trust architecture (ZTA), calls for continually vetting users as they access different applications and devices in a network. With a long list of requirements like multifactor authentication (MFA), identity verification, and traffic encryption, ZTA surely provides a comprehensive framework for securing your digital environment. But does it enable the most productive workflow? The short answer – not always.
Businesses embracing ZTA often implement siloed solutions. However, as we’ve seen with surging supply chain attacks, hackers often move laterally across the network, and fragmentation can create unknown vulnerabilities for them to exploit. Without strong integrations between solutions, ZTA can also require frequent verification and re-authentication between applications – not an ideal workflow.
There’s no slowing the growth of IoT and hybrid work environments, or the emerging technologies meant to secure them. So, analysts have come up with a new term that goes beyond ZTA and suggests a deeper, better integrated layer of security: cybersecurity mesh architecture (CSMA).
Cybersecurity mesh was coined by Gartner to offer a new perspective on strengthening security, and it should be viewed as the foundation to build your ZTA. By connecting the security tools used across a network, CSMA bolsters defenses around every critical access point, rather than traditional security around the perimeter.
As organizations embrace digitalization, strong integrations will be key to enabling seamless, invisible security. By acting as an identity fabric grounded in flexibility and scalability, CSMA calls for integrations that leverage analytics to help organizations remain adaptable, defensive and responsive in the event of a cyber incident.
However, to implement effective CSMA, it’s important to understand the trends and changes that led to its development.
The traditional perimeter for user access has disappeared. Remote access is now necessary for businesses – from third-party vendors to users working from home. While a virtual private network (VPN) or remote desktop protocol (RDP) was once effective in preventing breaches, evolving attacks prove they just aren’t enough.
Hackers are setting their targets on access points that allow for lateral movement, often through a VPN or RDP. This is becoming more common as it allows hackers to move through the network until they reach the most valuable data to breach, such as financial information. Users connecting from more devices and locations adds to the complexity.
All this creates a decentralized environment, introducing new risks that typically didn’t threaten the previous ‘castle-and-moat’ method of security.
Impacting over 18,000 customers, the infamous SolarWinds attack is an example of how costly and widespread these attacks can be. It stands out as one of the most sophisticated hacks against critical infrastructure.
The threat to the global supply chain is imminent. While some may view cybersecurity mesh as another buzzword, all organizations should consider it when developing a digital identity strategy and building ZTA.
The next defense: implementing cybersecurity mesh
By 2024, Gartner predicts that organizations with CSMA will reduce the financial impact of individual security incidents by 90%, on average. Unfortunately, the next attack is a matter of if, not when. To ensure your business doesn’t fall victim, follow these steps to secure your integral assets with cybersecurity mesh:
By ‘meshing’ together these cybersecurity solutions, businesses can validate the specific access privileges for each digital identity. This provides a cohesive blueprint for governing user activity, completely safeguarding critical assets. Cyber threats will only grow more agile and sophisticated. To protect your organization from the breaches of the future, consider trending efforts, like cybersecurity mesh.
Wes Wright is the Chief Technology Officer at Imprivata. Wes brings more than 20 years of experience with healthcare providers, IT leadership and security. Prior to joining Imprivata, Wes was the CTO at Sutter Health, where he was responsible for technical services strategies and operational activities for the 26-hospital system. Wes has been the CIO at Seattle Children’s Hospital and has served as the Chief of Staff for a three-star general in the US Air Force. He holds a B.S. in Business and Management from the University of Maryland and received his MBA from The University of New Mexico. Connect with Wes on LinkedIn.
Tagged With: CSMA, RDP, VPN, ZTA
The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Research finds that this distributed work environment is leading to IT management blind spots and shadow IT.
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
Work seamlessly between office and home locations with the right technology and support
The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Resea...
In this webinar, subject matter experts discuss the transformation of the workplace, the rise of hybrid workers, the importance of open connectivit...
Learn More About the Windows Collaboration Display
Get the latest news about AV integrators and Security installers from our sister publications:
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
© 2022 Emerald X, LLC. All rights reserved.