Outsmart The Hackers – Implementing A Zero Trust Approach In Your Workplace
Written by Rob Allen, VP of Operations EMEA at ThreatLocker
I like to say I don’t have a fear of heights, but I do have a fear of human error. As Tom Gilb once said; ‘’At the source of every error which is blamed on the computer, you will find at least two human errors, one of which is the error of blaming it on the computer.’’
82% of data breaches in 2022 involved a human element. Whether opening an attachment from an untrusted source or clicking on a malicious link in an email, users are continuously targeted simply because it is the easiest way to gain a foothold in an IT System.
It is now best practice for users in every organisation to complete some level of cybersecurity training. However, it does not change the fact that we’re human and accidents can happen. IT professionals now need to account for user error which could result in significant damages for businesses.
Zero Trust tools, like application control, have long been considered the gold standard in protecting businesses from known and unknown malware, greatly reducing the risk of human error. Unlike antivirus, an allow list controls what software, scripts, executables, and libraries are permitted to run on your endpoints and servers. This approach permits required software to run, but stops malicious and other, unwanted applications from running. This process drastically minimises cyber threats by stopping ransomware and other rogue applications running on your network.
The proactive nature of a Zero Trust Model will assist with safeguarding a workstation and reducing the attack surface of an environment. Using a deny by default approach in your Zero Trust Model could be the difference between a payload being executed or not, as only allowed applications can run.
Secondly, although new, the principle of application containment can block application interaction, preventing common software from Microsoft Office being used to call on tools often used by threat actors like PowerShell and Command Prompt.
A key element of a Zero Trust Model is communicating its benefits to users. CISOs and cybersecurity professionals must communicate the benefits to users, both from an organisational and a personal perspective. -Early, regular communication in implementing a Zero Trust Model is necessary to ensure users are properly informed as to how they can participate and support the approach. Buy-in is critical from the ground up.
Communicating the key benefits of resilience, enablement, and flexibility in allowing new hybrid architectures and working practices will ensure that not only can new business opportunities be accommodated, but that evolving employee expectations can be met securely, with the inherent benefits
The granularity and detail of the Zero Trust Model policies mean that procedures and practices are well documented, well understood and highly detailed which can provide a solid and well-informed basis from which to automate business processes.
Irish organisations should shift their thinking away from perimeters and location and onto a more data- and user-centric way of providing secure, appropriate access to the right resources. A Zero Trust Model is ideally suited to today’s working environment where a hybrid enterprise infrastructure spans on-premises, cloud services and edge computing, that can be accessed by a user anywhere and on almost any device.
Properly implemented, and fully communicated to both the board and the user base, a Zero Trust Model can ensure that organisations are resilient, business enabled and flexible enough to meet today’s demands while remaining secure and compliant.