Zero trust protects digital identities, measurably reduces cyber crime losses
A zero trust approach improves protection of digital identity and significantly reduces the average losses organisations suffer as a result of cyber crime, with mature zero trust deployments cutting the costs of data breaches by around 40%.
This is according to Dr Ferdinand Damon, IAM Specialist, and Dr Stephen Berjak, IBM Security Services Leader – South Africa. They note that the Cost of a Data Breach Report 2021 finds that data breach costs are hitting record highs, costing South African companies R46 million on average – the highest cost in the six-year history of the report. The report also revealed growing complexity, as security incidents became more costly and harder to contain due to drastic operational shifts during the pandemic.
In the midst of this complexity, companies that adopted a zero trust security approach are better positioned to deal with data breaches. South African organisations with a mature zero trust strategy had an average data breach cost of R29 million – which was R25 million lower than those who had not deployed this approach at all, Berjak revealed.
Berjak notes that zero trust is becoming a focus for organisations faced with soaring digital crime and the challenge of securing remote workforces in increasingly hybrid multicloud environments. He adds that because “zero trust” is a dynamic approach to security that validates requests using a combination of access controls, identity management and contextual data, it addresses the evolving threat landscape ushered in by expanding cloud footprints, increasing remote workforces and newly integrated supply chains.
“A zero trust framework provides a foundation for organisations to address priorities such as assuring customer privacy, securing systems and sensitive data, and reducing the risk of insider threats.”
Preserve customer privacy
Customer confidence must be constantly safeguarded by organisations demonstrating continuous efforts to preserve customer privacy.
“Customers can be defined as both external consumers as well as internal employees,” says Damon. “Breaches that expose identity information can have huge reputational and monetary consequences for an organisation. With personal data scattered across data ecosystems, a zero trust approach is needed to secure identity data.”
He adds that continuous verification and assessment of identities and device risk postures allows for the dynamic adaptation of security measures as identity risk levels change – transcending traditional functional and organisational boundaries and delivering a security model that is more holistic, multilayered and event-driven.
To supplement the security measures deployed within organisations, users are also being brought into the security process by enabling consent management.
Risk of insider threats
Combining data security and identity and access management data, it is possible to identify risky users through advanced analytics, says Berjak. “Utilising the results of the analytics enhances access control rules that strengthen the least privilege access methodology. Establishing a secure privilege vault with privilege policies can also assist in mitigating insider threat risks by controlling access to high-impact user access. The zero trust methodology strengthens the organisation against insider threats by continuous authentication, utilising risk-based access to challenge a user when risky behaviour is detected,” he says.
Protect the hybrid cloud
For organisations to protect their hybrid cloud infrastructure, it is important to gain visibility over applications and data, no matter where they live, they say.
“As a first step, organisations need to refine and enforce access policies for continuous hybrid cloud protection. In addition, privileged accounts need to be protected for cloud infrastructures, admins and developers. Lastly, organisations need to understand the threat exposure and address any gaps in configurations, patches and weak passwords,” says Damon.
Secure the remote workforce
Berjak says tackling high-priority risk factors provides a systematic approach to secure the remote workforce. “Firstly, organisations should enhance current access control methods with risk-based access and multi-factor authentication. They need to adopt strong identity governance processes supported by technology automation to ensure the right users have the right access at the right time,” he says.
The IBM approach to zero trust
“At its core, zero trust’s mission is to protect data and the identities that access the data. The zero trust approach that IBM implements protects every interaction between users and the organisation's digitally accessible assets,” says Damon.
IBM Security’s zero trust approach unifies and integrates tools and processes to generate context that wraps security around every user, every device, every connection, every single time. This approach provides organisations with adaptive and continuous protection for users, data and assets, as well as the ability to proactively manage threats. This outcome-based approach to zero trust gives customers the freedom and flexibility to take the risks that fuel business growth and build resiliency, without risking security.
By offering a comprehensive IAM (identity and access management) solution, IBM can protect organisations by building access policies with deep identity context. Utilising the risk-based access engine, factors such as location, transaction data and other identity metadata can be used to either limit or increase challenges to the user, based on the risk levels.
With a zero trust enforcement model in the identity domain, organisations can better prepare for cyber attacks and reduce the losses incurred in data breaches, they say.