Protecting your business in the digital economy

Issue 8 2023 Editor's Choice

In the iconic 1987 movie The Untouchables, one of the main characters poses the question, ‘Who can you trust?’ The answer, delivered forcefully by the late acting legend Sean Connery, was ‘no one’. Art imitates life: as we go into 2024, this has never been truer, in a world of exponential cybercrime stats.

Conducting business in the digital age has never been more challenging. In the Zero Trust cyber security model, nothing is more important than proactively safeguarding enterprise data. Fortunately, many technologies exist to do just this. Zero Trust technologies must work cohesively and closely together if they are to offer complete coverage from threats. While they can be broken out individually, a true Zero Trust solution requires an intricate web of protection, arranged strategically for the enterprise’s unique needs across all attack vectors.


Paul Meyer.

Compliance nuances of industry sectors

Each industry, region and country has its own set of regulations and standards that must be followed. For example, the financial industry is a premium cybercriminal target. The Payment Card Industry Data Security Standard (PCI DSS) addresses the protection of credit cardholder data. The requirements apply to all system entities and components involved in the Cardholder Data Environment (CDE): users, process workflows, and network or system devices that store and transmit cardholder or authentication data. PCI DSS sets out twelve stringent mandatory requirements, which I will not list in detail; these are just a few of the regulations to be aware of when conducting business in today’s digital economy.

Given the complexities of the PCI DSS, enterprises need to enlist the help of legal, information security, IT, risk, and operations teams to make sure that all the bases are covered.

The important thing to understand is that it is not only your organisation that must be compliant. Businesses working with non-compliant third parties can be liable for damages along with the original culprit company. To protect the enterprise and its customers, every third-party vendor’s privacy, risk and compliance programs must also be vetted. As painful as that might appear in terms of time and cost, it is essential.

Enterprise businesses need technologies that enforce governance and regulatory compliance policies from end to end, and that can be updated as new standards emerge. These technologies were developed to protect the enterprise before an issue arises, and fall under the category of proactive Zero Trust technologies, including:

• Cloud workload security.

• Encryption.

• Network security.

• Policy management.

• Web-application firewalls.

In more detail

Cloud workload security technologies protect workload execution in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) environments. These solutions offer automated and layered controls to secure the configurations, network, applications and storage of hybrid cloud hypervisors and workloads.

Cloud security gateways provide visibility into how data moves to and from cloud services. They also enforce usage policies on cloud traffic and data by applying a proxy. Cloud security gateways reduce operational and investment costs while increasing business agility.

A distributed denial-of-service (DDoS) attack overwhelms a targeted system by flooding it with traffic and requests from multiple sources, making it unresponsive to its intended users. This type of cyberattack is carried out by machines or ‘bots’. DDoS mitigation solutions drop the bad traffic before it affects the end-user experience. DDoS mitigation technologies are essential for industries relying on significant revenue from e-commerce or online transactions. They ensure customer-facing sites and applications are resilient and protect revenue-generating transactions.

Email security is particularly important because of the trend to migrate from self-managed on-premises email to cloud email, such as Office 365. Email security technologies generally include anti-spam, anti-phishing, anti-malware (including ransomware), data leak prevention and encryption techniques. These solutions also monitor outbound email traffic to thwart data loss and encrypt sensitive data.

Encryption technology is essential. It is one of the most effective implementations of data security to prevent theft and protect privacy. Through a confidential key known only to the intended recipient, encryption renders data unreadable to unauthorised parties.

Endpoint security solutions protect endpoint devices like laptops, mobile phones, IoT devices and servers. This is crucial in the world of remote working. Deploying endpoint security is one of the most practical ways to enforce Zero Trust measures—including least privilege policies, user access control, and location and traffic monitoring.

Endpoint detection and response (EDR) is an important subset of endpoint security that should be implemented on all enterprise endpoints to monitor for threats. Once a threat is detected, this technology alerts the cyber security team, isolates the endpoint and remediates it, returning the IT environment to a trusted state. EDR is the last line of defence against digital theft. It focuses on uncovering and remediating issues before they escalate into more intrusive data breaches.

This approach to protecting endpoints eases the burden on the security team to track, detect and respond to threats. By alerting the team to the most relevant and critical security information first and automating manual and repetitive tasks, security teams can use their resources where they matter most.

The bottom line of cybersecurity is that complacency is very dangerous. Businesses need to protect their most valuable asset – information – and doing that means taking cybersecurity seriously and committing to continuous improvement. It means jettisoning old ways of thinking and implementing a Zero Trust infrastructure, which, it must be stated, is not just about technology deployments and introducing policies. What is needed is a paradigm shift in organisations’ approach to data protection and compliance.



