Since the beginning of the pandemic, the nature of and targets for cyberattacks have rapidly shifted from mere data and applications to critical infrastructure such as gas pipelines and food suppliers. Additionally, organisations that have been greatly impacted by the pandemic, including healthcare and educational institutions, have become more specifically targeted by threat actors. As this new threat environment spans both the digital and physical worlds, employing a zero trust security strategy is now more critical than ever. In fact, after the latest string of attacks during the first half of 2021, President Biden issued an executive order aimed at improving cybersecurity for both public and private organisations. The order emphasised the importance of a zero trust approach.
A10 Networks has enhanced its solutions to help customers meet and accelerate their zero trust strategies. Zero trust eliminates implicit trust from information technology systems, and is embodied by the maxim ‘never trust, always verify.’ It recognises that internal and external threats are pervasive, and the de facto elimination of the traditional network perimeter requires a different security approach. Every device, user, network, and application flow should be checked to remove excessive access privileges and other potential threat vectors. Multi-layered protection should incorporate controls, from i) foundational visibility into encrypted traffic streams to stop infiltration from ransomware, malware, and other common attacks, ii) application workload protection through segmentation and advanced user authorisation and verification, and iii) sustainable user training in best practices to minimise risky behaviors.
Zero Trust has become a major initiative for many organisations. Gartner observes, “the term “zero trust” has value as a shorthand way of describing a paradigm where implicit trust is removed from all of our computing infrastructure. Implicit trust is replaced with explicitly calculated, real-time adaptive trust levels for just- in-time, just-enough access to enterprise resources.
“Customers are facing unprecedented increases in both threats and vulnerabilities along with a critical shortage of cybersecurity professionals. Now with threats crossing over into the physical domain, it is more critical than ever before to ensure safety, security and compliance. Service providers and enterprises are modernizing their security approaches as recommended by the zero trust security model to ensure digital resilience and successful business outcomes,” said Dhrupad Trivedi, President and CEO, A10 Networks.