It seems like there are more acronyms, labels and methods for bolstering security than ever before – and making sense of them all is proving to be just as complex as the infrastructure they’re meant to secure.
One widely embraced term, zero-trust architecture (ZTA), calls for continually vetting users as they access different applications and devices in a network. With a long list of requirements like multifactor authentication (MFA), identity verification, and traffic encryption, ZTA surely provides a comprehensive framework for securing your digital environment. But does it enable the most productive workflow? The short answer – not always.
Businesses embracing ZTA often implement siloed solutions. However, as we’ve seen with surging supply chain attacks, hackers often move laterally across the network, and fragmentation can create unknown vulnerabilities for them to exploit. Without strong integrations between solutions, ZTA can also require frequent verification and re-authentication between applications – not an ideal workflow.
There’s no slowing the growth of IoT and hybrid work environments, or the emerging technologies meant to secure them. So, analysts have come up with a new term that goes beyond ZTA and suggests a deeper, better integrated layer of security: cybersecurity mesh architecture (CSMA).
What is cybersecurity mesh?
Cybersecurity mesh was coined by Gartner to offer a new perspective on strengthening security, and it should be viewed as the foundation to build your ZTA. By connecting the security tools used across a network, CSMA bolsters defenses around every critical access point, rather than traditional security around the perimeter.
As organizations embrace digitalization, strong integrations will be key to enabling seamless, invisible security. By acting as an identity fabric grounded in flexibility and scalability, CSMA calls for integrations that leverage analytics to help organizations remain adaptable, defensive and responsive in the event of a cyber incident.
However, to implement effective CSMA, it’s important to understand the trends and changes that led to its development.
Changes in the cyber landscape
The traditional perimeter for user access has disappeared. Remote access is now necessary for businesses – from third-party vendors to users working from home. While a virtual private network (VPN) or remote desktop protocol (RDP) was once effective in preventing breaches, evolving attacks prove they just aren’t enough.
Hackers are setting their targets on access points that allow for lateral movement, often through a VPN or RDP. This is becoming more common as it allows hackers to move through the network until they reach the most valuable data to breach, such as financial information. Users connecting from more devices and locations adds to the complexity.
All this creates a decentralized environment, introducing new risks that typically didn’t threaten the previous ‘castle-and-moat’ method of security.
Impacting over 18,000 customers, the infamous SolarWinds attack is an example of how costly and widespread these attacks can be. It stands out as one of the most sophisticated hacks against critical infrastructure.
The threat to the global supply chain is imminent. While some may view cybersecurity mesh as another buzzword, all organizations should consider it when developing a digital identity strategy and building ZTA.
The next defense: implementing cybersecurity mesh
By 2024, Gartner predicts that organizations with CSMA will reduce the financial impact of individual security incidents by 90%, on average. Unfortunately, the next attack is a matter of if, not when. To ensure your business doesn’t fall victim, follow these steps to secure your integral assets with cybersecurity mesh:
- Identify your critical access points. Understand where the most valuable data is stored and how it’s accessed. Establish authentication methods and access policies around those points, ensuring the solutions used are well-integrated.
- Strategically outline your plan for ZTA and move away from VPN and RDP access. Enforce a ‘never trust, always verify’ approach. Start by implementing MFA at the most valuable touchpoints to control who has access to essential data. This is the simplest way to prevent lateral movement even if there is a breach.
- Use analytics to monitor and audit user behavior. These tools give organizations clarity and insight into user access and movement – allowing them to identify suspicious activity that might lead to a breach and empowering them to act before one occurs.
- Assess and establish better relationships with third parties. Third-party connections are a primary gateway that cybercriminals take advantage of in gaining access to valuable data. Improving visibility into their external users and operations is key for an effective cybersecurity mesh strategy.
By ‘meshing’ together these cybersecurity solutions, businesses can validate the specific access privileges for each digital identity. This provides a cohesive blueprint for governing user activity, completely safeguarding critical assets. Cyber threats will only grow more agile and sophisticated. To protect your organization from the breaches of the future, consider trending efforts, like cybersecurity mesh.
Wes Wright is the Chief Technology Officer at Imprivata. Wes brings more than 20 years of experience with healthcare providers, IT leadership and security. Prior to joining Imprivata, Wes was the CTO at Sutter Health, where he was responsible for technical services strategies and operational activities for the 26-hospital system. Wes has been the CIO at Seattle Children’s Hospital and has served as the Chief of Staff for a three-star general in the US Air Force. He holds a B.S. in Business and Management from the University of Maryland and received his MBA from The University of New Mexico. Connect with Wes on LinkedIn.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply