Can’t Trust Anyone

It’s clear that traditional security architectures and philosophies don’t work anymore. In 2018, cybercrime generated $1.5 trillion in revenue for hackers, growing to $6 trillion by 2021. These statistics are even more alarming in light of the fact that organizations have more security tools in their stacks than ever before.

So why is cybercrime still growing?

Traditional security methods, such as sandboxing, whitelists, and URL filtering, rely on the ability to identify malware before it activates in the user’s environment. This approach may have worked previously when websites were mainly static and malware was less sophisticated. Most sites nowadays, however, are made up of rich media and dynamic content served from distributed, hijackable servers scattered across the web. Web apps and Software as a Service (SaaS) are also changing the way users access the Internet—users require continuous, 24/7 direct connections no matter where work takes them.

 

As websites and web apps become more content-rich and dynamic, malware evolves in complexity and prevalence. Today it’s extremely easy for a threat actor to spin up a new threat for just a few hundred dollars, making it cost-efficient to bombard a target with multiple attacks and variations until something gets through. Beyond operating at this scale, hackers have made technological advances to evade the security industry’s latest detection methods. Modern malware, for example, can detect if it is activated in a sandbox and delay its payload until it is passed into the user environment (see https://www.menlosecurity.com/blog/emotet-a-small-change-in-tactics-leads-to-a-spike-in-attacks for more details).

Companies today are faced with this new dual paradigm of a changing Internet and increased threat complexity. The security industry, however, has devised an approach to this problem: Zero Trust security.

 

At the core of a Zero Trust architecture lies the idea that no traffic should be trusted, regardless of whether it originates inside or outside your organization. All traffic should be isolated from endpoint devices. However, while this new approach is comprehensive, it theoretically requires a lot of overhead. Enter the cloud. Placing a Zero Trust security system in the cloud introduces cloud scale and economics, drastically reducing management costs and labor.

 

Internet isolation fits seamlessly into this cloud-focused Zero Trust architecture. Internet isolation routes all web traffic via a remote browser in the cloud. It doesn’t matter if the content is good or bad, categorized or uncategorized. It simply assumes that everything is malicious.

Additionally, its cloud-native framework makes it incredibly scalable and agile. IT teams don’t have to configure hardware, and companies don’t have to pay for additional software or machines. Internet isolation can scale as big as your cloud, accommodating fluctuating workforces or business cycles.

 

If we think about malware in a medical sense, traditional cybersecurity methods play the role of a doctor who is diagnosing and attempting to cure an infection. Internet isolation, on the other hand, acts as a vaccine: through its default-deny approach, it prevents a malware infection from ever occurring on an endpoint device.

Internet isolation enables Zero Trust security, giving companies the tools to quickly and flexibly protect themselves from advanced email- and web-based malware. This tandem protection forms the security philosophy of the future, demonstrating that the days of “patient zero” and long breach-to-detection times are at an end.

 

*** This is a Security Bloggers Network syndicated blog from Menlo Security Blog authored by Evan Rittenhouse. Read the original post at: https://www.menlosecurity.com/blog/cant-trust-anyone