
Business Reporter – Technology – Prepare to be hacked: the radical cybersecurity strategy that could save your business


If you’re struggling to prevent cyberattacks from entering your network, Mario Espinoza, Illumio’s chief product officer, has some advice you might not expect from a security vendor: admit that you can’t.

“The breach is going to happen no matter what,” he said. Today’s IT environments are simply too complex to prevent them, he says: attacks are too advanced, and there are too many technical defects. And most importantly, people are just too prone to human error.

The sooner security leaders stop trying to prevent and contain breaches, the better off we will all be. “If you’re a sensible organization, you’re going to accept it,” Espinoza says. “The question now is: how do you prevent the attacker from moving to other parts of your organization?”

The answer? Zero trust.

As the term suggests, Zero Trust is a security model based on the principle “never trust, always verify”. Unlike traditional security focused on protecting the network perimeter (a “moat and castles” approach), Zero Trust assumes that every connection poses a potential threat. Resources are protected regardless of the origin of the connection, inside or outside the security perimeter. (If a perimeter still exists.)

“Zero Trust protects you before attacks happen,” said Espinoza.

Microsegmentation is one of the key pillars of Zero Trust. Rather than having a large open space protected by a perimeter, microsegmentation divides the environment into very small areas around individual workloads.

For years, even those who agreed in principle with Zero Trust struggled to use it in practice. The deployment was slow and expensive. And when the network environment changed, the IT team had to readjust firewall rules and other controls – manually, in most cases.

Keeping pace has become even more difficult with the rise of hybrid environments, where workloads are constantly moving up and down in the cloud, on virtual machines, and in containers. Today’s IT teams typically manage a complex mix of on-premises data centers, multiple cloud providers, remote workers, IoT devices, and operational technologies.

In the eyes of many security leaders, the downsides of this new approach outweighed the potential benefits.

Become mainstream

But that is changing, thanks to two converging trends. First, cyber threats have only increased over the past 15 years. The creator of Zero Trust, John Kindervag, was the first to introduce the concept of Zero Trust. Breaches have become so frequent that only the most significant ones are considered newsworthy. And each headline serves as another reminder that old security models no longer work (if they ever did). The second trend is more encouraging: modern Zero Trust tools have become easier to use, with AI and automation helping to simplify the process.

“It’s not like people realize now how effective the lockdown is,” Espinoza says. “But technology has evolved.”

In doing so, Zero Trust has evolved from an aspirational theory into a security canon.

In 2021, the White House released Executive Order 14028, which mandated the adoption of Zero Trust across all federal agencies. (Government departments are at different stages of deployment.)

The technology sector quickly got behind the idea. Most market research companies are now urging their clients to adopt Zero Trust and microsegmentation in their cyber defenses. All major cloud platforms now integrate Zero Trust principles into their security offerings. And all major infrastructure players are integrating Zero Trust features into their core products.

Perhaps most notable is that private sector giants such as JP Morgan Chase and Bank of America – typically reluctant to reveal their defense strategies – have publicly documented their Zero Trust journey.

According to research firm MarketsandMarkets, the global Zero Trust security market will more than double from 2022 levels to $60.7 billion by 2027. And Forrester Research, where Kindervag introduced the concept of Zero Trust, says that more than 60% of companies are already deploying or expanding their Zero Trust efforts.

Enter AI

One of the biggest changes in the threat landscape is the rise of AI-based social engineering attacks, Espinoza says. Attackers are already using it to create very convincing phishing attempts and even clone voices for spoofing attacks. These attacks will only be more effective, prompting security managers to adopt a containment strategy.

“The weakest link today is the human at the keyboard,” he says. “Hacking humans is so easy. This ensures that the violation will occur no matter what.”

The rise of security graphs

Espinoza believes security leaders should start thinking about new approaches, such as security graphs. Rather than looking at individual workloads in isolation, a security graph can analyze traffic patterns between different parts of an IT infrastructure to detect potential threats.

Such approaches have already been proposed. But given the massive amount of data involved – think terabytes and petabytes – this hasn’t been practical. Today, innovations in data processing and AI are finally putting them within our reach.

The way forward

For those looking to adopt Zero Trust, Espinoza recommends starting with visibility rather than jumping straight to deploying controls. Identifying vulnerabilities and potential attack paths is valuable in its own right. And mapping how data flows through the environment lays the foundation for setting Zero Trust policies.

As threats evolve and IT environments become more complex, this shift toward containment will only snowball, he said. Prevention and detection remain important. But they alone are no longer enough to protect against current threats.

Espinoza admits that these new approaches will not reduce the number of attacks. But they can considerably limit their impact, he says. “We can make the attackers’ lives much more difficult. With adequate containment, an attack will not turn into a cyber disaster.”

