Kaseya, Colonial Pipeline And Other High-profile Attacks Would Have Been Prevented With Zero Trust Security, Expert Weighs In

BACKGROUND:

Zero Trust Security means always connecting users and devices to applications, and never to the network. As a result, threats cannot spread laterally to infect other devices and applications. Because a business’ applications and users are invisible from the internet. If there is no attack surface to exploit you can’t attack what you can’t see. Expert weighs in below if these recent attacks can be prevented if Zero Trust Security model was adopted.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Deepen Desai
Deepen Desai , CISO and Vice President of Security Research
InfoSec Expert
July 8, 2021 11:29 am

<p>Software supply chain attacks, like those against Kaseya VSA, allow adversaries to quickly multiply the scope of their attacks to hundreds or thousands of organizations. For today’s digital businesses, where organizations rely on an ecosystem of technology partners to operate, implementing a Zero Trust security model has never been more critical. Even with trusted tools and partners, organizations should assume that every connection could be a potential attack, and build their controls around identity and business policy enforcement to enable secure access to applications, not the network. <u></u><u></u></p>
<p>Using Zero Trust, applications and resources are not visible and cannot be discovered by the adversaries, thus eliminating the external attack surface.<u></u><u></u></p>
<p>As we continue to see an escalation in both supply chain and ransomware attacks, Zero Trust is the most effective way to reduce business risk, unlike traditional network security approaches that leave the front door open to potential attacks from trusted sources.</p>

Last edited 11 months ago by Deepen Desai
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x