In 2020, 37 billion records were compromised, a 141% increase over 2019. Ransomware was a part of 676 breaches, a 100% increase over 2019, and breach severity also increased over the year. These facts show that no organization is safe from a cyber-attack or data breach. In this dangerous and complex cybersecurity landscape, traditional security tools like antivirus software and firewalls are inadequate. Organizations now need stronger ways to protect themselves from threat actors. They need Zero Trust security.
Based on the idea of “never trust, always verify”, Zero Trust is a powerful way for organizations to protect themselves from cyber-attacks and data breaches. More and more companies are now adopting identity-first Zero Trust security to protect their assets and data. Here’s why.
As cyber-attacks become more common, more security professionals are turning to Zero Trust to secure their enterprise networks, assets, and supply chains. In fact, between 2019 and 2020, the number of organizations using Zero Trust exploded from 16% to 60%. Two key developments are driving this growth.
One, more organizations are shifting to remote work. While this pivot helps improve employee productivity and maintain business continuity, it also introduces serious security risks, as employees use personal devices for work, access sensitive data through unsecured WiFi networks, and use weak passwords. Such issues make organizations vulnerable to phishing scams, ransomware attacks, and other serious cybersecurity events.
Two, identity-based attacks have increased. In 2020, 89% of hacking attempts on web applications involved credential abuse. Social engineering attacks increased, as did phishing attacks, which soared to 220% during the COVID-19 peak compared to the yearly average.
Cyber-aware organizations know they cannot protect their assets and data with traditional security approaches. That’s why they’re adopting Zero Trust security. From 2019 to 2020, the number of organizations with Zero Trust initiatives grew 3X, proving its increasing popularity.
In Zero Trust, every network, device, and user is considered untrusted by default. It aims to reduce the attack surface and protect the organization from attacks and breaches. And to make this happen, it treats identity as the new perimeter.
In the past, enterprise IT systems were less complex than they are today. Most organizations had on-premises systems, had no BYOD mobile or remote devices, and third parties rarely accessed company networks or data. But in the modern IT landscape, work has moved out of the on-premises network and into the cloud. To access enterprise assets, users no longer connect through the network, but with their identities. Moreover, each device, user, and process has its own unique identity. Together, these identities form the new enterprise security perimeter.
Passwords are inadequate to protect these identities. In fact, they can be the cause of dangerous cyber-attacks and data hacks. To prevent unauthorized users from accessing enterprise data and devices, organizations need stronger systems to protect identities. Here’s where Zero Trust security comes in, which many organizations are now adopting for both internal users like employees, and external users like customers, partners, vendors, contractors, and suppliers.
In May 2021, President Joe Biden issued an Executive Order (EO) with orders to strengthen the nation’s cyber defenses against “persistent and increasingly sophisticated malicious cyber campaigns”. The EO specifically calls out the need for a Zero Trust Architecture that “allows users full access but only to the bare minimum they need to perform their jobs”.
A critical component of Zero Trust is the management of digital identities for humans and machines. Identity-based Zero Trust focuses security on the identity layer and applies authentication to the user’s identity, instead of focusing on the network layer and applying authentication to the user’s connection. It continuously monitors all access requests made by every identity to any resource, performs risk analysis, and then determines if the identity should be allowed or denied access.
In this setup, Identity and Access Management (IAM) is crucial to ensure that every identity looking to access enterprise assets can prove that they are who they say they are and that they have the right permissions for access.
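The per-request decision described above can be sketched as follows. This is an added example, not code from Magalix or any IAM product; the signing key, grants, risk weights, and threshold are constructed assumptions, and the HMAC assertion stands in for a real identity provider's token.

```python
import hashlib
import hmac

# Constructed sample data: key, grants, weights and threshold are assumptions.
IDP_KEY = b"constructed-demo-key"
GRANTS = {  # least privilege: identity -> explicit (resource, action) pairs
    "alice@example.com": {("payroll-db", "read")},
    "svc-backup": {("payroll-db", "read"), ("backup-bucket", "write")},
}
RISK_WEIGHTS = {"unmanaged_device": 40, "new_location": 30, "impossible_travel": 60}
DENY_AT = 60


def sign(identity: str) -> str:
    """Stand-in for the identity provider issuing an assertion for an identity."""
    return hmac.new(IDP_KEY, identity.encode(), hashlib.sha256).hexdigest()


def decide(request: dict) -> tuple[str, str]:
    """Evaluate one access request; run on every request, not once per session."""
    identity = request.get("identity", "")
    # 1. Authenticate the identity itself. The source network is never
    #    consulted, so a request from the corporate LAN gets no implicit trust.
    if not hmac.compare_digest(sign(identity), request.get("assertion", "")):
        return "deny", "identity not proven"
    # 2. Authorize: default deny unless an explicit grant exists.
    wanted = (request.get("resource"), request.get("action"))
    if wanted not in GRANTS.get(identity, set()):
        return "deny", "no grant for this resource/action"
    # 3. Risk analysis over the signals observed for this request.
    risk = sum(RISK_WEIGHTS.get(s, 0) for s in request.get("signals", []))
    if risk >= DENY_AT:
        return "deny", f"risk {risk} at or above {DENY_AT}"
    return "allow", f"verified identity, explicit grant, risk {risk}"
```

A valid grant is not sufficient on its own: the same machine identity that is allowed from a managed host is denied when the request carries enough risk signals.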
Pointing to the SolarWinds supply chain attack of December 2020, Gartner has identified identity-first security as one of the top trends that will “have broad industry impact and significant potential for disruption” in 2021.
Identity-first security requires organizations to move away from designing security around the traditional LAN edge. Rather, it requires placing identity at the center of security design and making a greater effort to manage and monitor identities. Considering that 57% of breaches involve insider threats and 44% of businesses have suffered a data breach caused by a third party, organizations should secure all identities – both internal and external – with Zero Trust.
This approach provides security teams with greater visibility into and control over which users have access to what resources. It also increases visibility into risks, minimizes risks such as compromised credentials or incorrect provisioning or authentication, and improves the detection of threats. Over time, identity-based Zero Trust can help improve the organization’s security posture in a way that traditional network-based security cannot.
It’s important to keep in mind that no single solution can help implement robust identity-based Zero Trust security. To set up a holistic, fine-grained approach to Zero Trust, organizations must integrate all aspects of the security architecture with an IAM solution.
In addition to Zero Trust, Security-as-Code is a reliable and effective way to streamline security. With Magalix, enterprises can easily codify their security policies to secure their cloud. They can also enforce policies at every step, and implement automatic remediation for a secure and fully compliant infrastructure.