Nexio and Cisco: Reducing cyber crime risks with zero trust security

Issued by Nexio
Johannesburg, 20 Jan 2023
Naeem Cassim, Cyber Security Consultant at Nexio.
Naeem Cassim, Cyber Security Consultant at Nexio.

Nexio delivers digital capabilities and modernisation to its customers, aligning the best suited technology solutions to their strategic and business requirements. Yet as technology becomes a crucial part of every organisation, the risks posed by cyber crime threaten to undo all that investment. Businesses need safety alongside digital improvements. To help them remain productive while reducing their cyber risks, Nexio partners with Cisco to deliver true zero trust security.

Nexio has a well-established and broad cyber security capability that ranges from point solutions to managed security services and consulting engagements, all executed through a systematic and holistic approach. Its security services follow zero trust principles – the most effective way to handle cyber risks and threats in today's post-parameter technology environments. This is underpinned by an experienced team of professionals with significant experience in the industry. “We believe in being an extension to our customer’s team and look to create close relationships to deliver on our customer’s requirements.

“Furthermore, we have formalised our Managed Services and Security Operations Centre (SOC) offerings so that the transition from the customer to our support platform is seamless and painless. We implement this in a planned and phased manner so as not to disrupt business operations. Our framework to deliver cyber security services, whether from a technical, consulting or assurance perspective, is always based on industry recognised frameworks and processes, ensuring we deliver the best value and service for your investment,” says Naeem Cassim, Cyber Security Consultant at Nexio.

Zero trust reduces cyber risks

"The actual workspace environment has changed – work is now a function rather than a physical place," says Greg Griessel, CyberSecurity Technical Solutions Architect at Cisco.

"The old security model of saying that the inside of the network is a good area and the outside is bad – that has been flipped on its head. We use more and more SaaS applications, we work from home or different locations, we are no longer bound to the boundaries of the network itself. This new reality needs zero trust to be secure."

Zero trust is the view that access is not a right but a privilege. Since criminals exploit the permissions accrued by user accounts, a zero trust environment focuses on minimum access rights, verifying users and actions to see if they are trustworthy. This approach has many advantages, including that even if a breach or other security failure occurs, zero trust systems limit the scope and damage.

"You can think of zero trust as being at an airport," says Griessel. It's not that hard to get dropped at the entrance with your bags. But if you want to move into other areas, you need different types of credentials. You can't enter the boarding areas without a ticket or international areas without a passport. You can't board a flight unless you've checked in and you can't just wander into secure areas or decide to visit the control tower. Zero trust security is the same: it looks at a variety of factors such as who you are, where you are and what you are trying to do. If any of that seems suspicious, it stops you."

Security for productivity and strategy

But zero trust is not just about security. Comprehensive zero trust, delivered by Nexio and Cisco, also empowers productivity. Rather than fatigue users with dozens of different multi-factor authenticators, they are offered consolidated interfaces with single sign-on features. In the background, with continual security delivered through assessments, monitoring and incident remediation.

Nexio and Cisco establish zero trust for security needs through six principles: identify assets; verify devices and users; map workflows; define and automate policies; and test, monitor and maintain.

No two customers are the same. Each customer, irrespective of size or type of business, has different security requirements. Cassim says: “We tailor our solutions and offerings based on each customer’s needs and drivers. Nexio has a team of trained security engineers and we continue to grow our teams and expand our capabilities, including cloud security, security services edge, technical and framework assessments and identity management offerings. Our capability stands on the technologies of top vendors such as Cisco, with which we are a Global Gold partner, and our internally developed technologies, including managed security service options and our newly established security operations centre. Nexio security is designed for scale and to be relevant to each of our customers' operations.”

Nexio's security services feature 24 areas, divided among security consulting, managed security services and cyber defence. Utilising security frameworks such as ISO27001 and NIST CSF, we combine a wide range of effective cyber risk management services. These include but are not limited to:

  • Technical security assessments;
  • Secure web gateway;
  • Privileged access management;
  • E-mail security;
  • Virtual CISO;
  • Data loss prevention;
  • Industrial control security;
  • Cloud security;
  • Zero trust network access;
  • Vulnerability management;
  • Automated penetration testing; and more.

“We've successfully established many Cisco implementations among customers – Nexio's security professionals are experts in this space. Our ability to scale and make an impactful delivery ensure that our customers' cyber and digital risks are in a good space, based on formalised SLAs,” he concludes.

Share