Zero-Trust: Restoring Resilience in the Cloud

Digital transformation and cloud computing have vastly expanded the modern attack surface—which now encompasses dispersed environments, distributed workloads, and assets sprawling across locations. Perimeter defenses alone cannot keep organizations secure 100 percent of the time in this complex threat landscape. As a result, organizations relying solely on traditional perimeter defenses are exposed to dramatically more risk–and they’re suffering the consequences.

A study conducted by The Enterprise Strategy Group (ESG) found that in the past two years, more than three-quarters of organizations surveyed (76%) suffered a ransomware attack and two-thirds (66%) experienced at least one software supply chain attack. The survey only confirms what most of us already know: The scope and magnitude of this ransomware crime wave is unprecedented, and organizations are sustaining meaningful losses regularly.

More and more technology leaders, investors and consumers are demanding change. Organizations need to reduce risk and increase resilience to attacks in the cloud. Enter zero-trust–a security strategy predicated on assuming breach and least privilege. 

Our Thinking Must Change

In recent months, a large national hospital chain confirmed it was forced to shut down multiple patient services across several states following a ransomware attack. An ambulance service in New York acknowledged that a ransomware attack affected up to 318,000 patients. And the Georgia State Bar association said that a breach resulted in employees’ personal data losses.

There’s nothing unique about these examples. Breaches of this sort are commonplace now, especially in the cloud. Some of the notable cloud vulnerabilities that cropped up in the recent past include misconfigured cloud storage, weak control planes, exposed S3 buckets, insecure APIs and unauthorized access—to name only a few. Yet, nearly half of the 1,000 IT and security professionals ESG surveyed said they don’t believe they will be breached. This attitude might seem mind-boggling to some–despite growing ransomware losses, organizations still believe they’re immune–but it’s important to note that a shift in thinking appears to be underway. A growing number of C-suite leaders are embracing zero-trust and the concept of “assume breach.”

We Must Assume Breach

Under zero-trust, one of the most realistic and impactful ways to protect sensitive data and other business assets is to recognize that breaches will inevitably occur. In today’s hyperconnected hybrid world, cloud security will continue to come under increasing attack. We mustn’t forget cloud computing is still built on software and, for that reason, vulnerabilities will be exploited. Breaches are simply bound to happen. The good news is that organizations can minimize their impact by adopting technologies that automatically isolate breaches, like zero-trust segmentation. Zero-trust segmentation isolates attackers and contains the spread of ransomware and breaches across the hybrid attack surface.

Additionally, other zero-trust tools like multifactor authentication (MFA) and single sign-on (SSO) are helpful in shrinking the initial attack surface and mitigating risk exposure from the start.

Start With a Clear Picture

Today, defending complex and distributed environments means raising the level of visibility in the cloud. For example, security analysts have long feared shadow IT, the practice of employees adding unauthorized apps, as it applies to the cloud. Combating this problem begins with understanding what the vulnerabilities actually consist of. Various hybrid and multi-cloud deployments create visibility gaps in application workloads, making it difficult to monitor behavior. This creates security blind spots across dispersed architectures–ultimately making the enterprise more challenging to secure.

Organizations need tools that provide complete visibility and insights into vulnerable pathways attackers can exploit across their hybrid IT to gain access throughout an organization. This information helps security teams prioritize where to implement zero-trust architecture first.

Segment and Conquer

A key strategy for preventing attacks from spiraling into calamities is segmentation, one of zero-trust’s primary components. In contrast to traditional perimeter defenses, segmentation’s goal is not to prevent breaches.

Segmentation builds extra protection around applications and data by restricting access to only what is necessary. This stops attacks from spreading to critical assets and thereby limits their impact.

Segmentation isolates compromised systems during an attack and restricts intruders from moving around a network. Not only does this prevent threat actors from locating and pilfering critical information, but it also limits the spread of ransomware. Because cloud environments are so distributed, segmentation is an important part of building resilience throughout a hybrid environment.
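To make the two preceding sections concrete (visibility into pathways first, then a least-privilege allow-list that contains spread), here is a small worked example. It is added illustration, not Illumio’s product, API or rule syntax: the workload labels, the rule format, the inventory and the flow-log lines are all constructed assumptions. It classifies observed flows against a default-deny policy, flags endpoints the inventory has never seen (a visibility gap), and computes the set of workloads an attacker on one compromised host could still reach over permitted paths, which is the blast radius segmentation is meant to shrink.

```python
"""Label-based zero-trust segmentation policy checked against constructed flow records.

Added example, not Illumio's code: labels, rule format, inventory and flow log
are all made-up assumptions for illustration.
"""
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    role: str  # hypothetical label: "web", "app", "db", "backup"
    env: str   # hypothetical label: "prod" or "dev"


@dataclass(frozen=True)
class Rule:
    """Allow src_role -> dst_role on one port; rules never cross environments."""
    src_role: str
    dst_role: str
    port: int


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    port: int


# Constructed inventory: what the visibility tooling has discovered so far.
INVENTORY = {w.name: w for w in [
    Workload("web-1", "web", "prod"),
    Workload("app-1", "app", "prod"),
    Workload("db-1", "db", "prod"),
    Workload("backup-1", "backup", "prod"),
    Workload("app-dev-1", "app", "dev"),
    Workload("db-dev-1", "db", "dev"),
]}

# Allow-list. Anything not matched is denied: default deny is the zero-trust posture.
POLICY = [
    Rule("web", "app", 8443),
    Rule("app", "db", 5432),
    Rule("backup", "db", 5432),  # only the backup tier may pull from the database
]

# Constructed flow-log export (src,dst,dport), as a flow collector might emit it.
FLOW_LOG = """\
web-1,app-1,8443
app-1,db-1,5432
backup-1,db-1,5432
web-1,db-1,5432
web-1,backup-1,445
app-1,db-dev-1,5432
app-1,db-1,22
web-1,unknown-host,445
"""


def parse_flows(text):
    """Turn the constructed CSV-style flow log into Flow records."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        src, dst, port = line.split(",")
        flows.append(Flow(src, dst, int(port)))
    return flows


def allowed_ports(src, dst, policy):
    """Ports on which policy permits src -> dst; an empty set means default deny."""
    if src.env != dst.env:  # no rule crosses environments
        return set()
    return {r.port for r in policy if r.src_role == src.role and r.dst_role == dst.role}


def classify(flow, inventory=INVENTORY, policy=POLICY):
    """'allowed', 'denied', or 'unknown' (an endpoint missing from inventory: a visibility gap)."""
    src, dst = inventory.get(flow.src), inventory.get(flow.dst)
    if src is None or dst is None:
        return "unknown"
    return "allowed" if flow.port in allowed_ports(src, dst, policy) else "denied"


def evaluate(flows, inventory=INVENTORY, policy=POLICY):
    """Group observed flows by verdict so a team can see what enforcement would block."""
    out = {"allowed": [], "denied": [], "unknown": []}
    for f in flows:
        out[classify(f, inventory, policy)].append(f)
    return out


def lateral_reach(start, inventory=INVENTORY, policy=POLICY):
    """Workloads an intruder on `start` could reach over permitted paths (the blast radius)."""
    seen, queue = set(), deque([start])
    while queue:
        cur = inventory[queue.popleft()]
        for w in inventory.values():
            if w.name == start or w.name in seen:
                continue
            if allowed_ports(cur, w, policy):
                seen.add(w.name)
                queue.append(w.name)
    return seen


if __name__ == "__main__":
    verdicts = evaluate(parse_flows(FLOW_LOG))
    for verdict, flows in verdicts.items():
        print(f"{verdict}: {[(f.src, f.dst, f.port) for f in flows]}")
    for name in INVENTORY:
        print(f"blast radius from {name}: {sorted(lateral_reach(name))}")
```

The "unknown" bucket is the visibility point: a flow to a host the inventory has never seen cannot be judged, so it is reported before enforcement rather than silently allowed. The blast-radius walk shows the containment point: on a flat network every host in this inventory is reachable from web-1, while under the allow-list a compromised web-1 can only reach app-1 and, through it, db-1; the backup tier and the dev environment stay out of reach.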

Going back to the ESG survey: 75% of the respondents classified as advanced users said they believe purpose-built segmentation tools are critical to zero-trust. Additionally, organizations that adopt segmentation as part of their zero-trust strategy save an average of $20.1 million in application downtime and avoid five cybersecurity disasters annually. Segmentation is a foundational pillar of a resilient security architecture and is paramount for reducing risk in the cloud. 

Zero-Trust is the Gold Standard

In the past two years, zero-trust has quickly become the gold standard for cybersecurity, and the industry agrees. For example, nine in 10 respondents in ESG’s survey reported that zero-trust was one of their top three security priorities for the coming year, and 33% said it was their top cybersecurity priority. 

As more enterprises integrate their cloud and data-center ecosystems and the adoption of hybrid and multi-cloud strategies increases, visibility across environments will become even more critical to organizational resilience. Security teams cannot protect or defend against what they cannot see. 

Against the current backdrop of devastating ransomware attacks, the only way that organizations can bolster resilience in the cloud is with zero-trust. “Never trust, always verify”–that is the way organizations can continue to balance the agility afforded by the cloud with the security demands of customers and stakeholders. Ransomware attacks aren’t going away anytime soon, but that doesn’t mean that every attack or breach in the cloud needs to have catastrophic business and operational consequences.  


PJ Kirner

As chief technology officer and co-founder, PJ is responsible for Illumio’s technology vision and platform architecture. PJ has 20 years of experience in engineering, with a focus on addressing the complexities of data centers. Prior to Illumio, PJ was CTO at Cymtec. He also held several roles at Juniper Networks, including distinguished engineer focused on advancing Juniper’s network security and layer 4-7 services plane. PJ graduated with honors from Cornell University.
