Kaseya, Colonial Pipeline And Other High-profile Attacks Would Have Been Prevented With Zero Trust Security, Expert Weighs In

BACKGROUND:

Zero Trust Security means always connecting users and devices to applications, and never to the network. As a result, threats cannot spread laterally to infect other devices and applications. Because a business’ applications and users are invisible from the internet. If there is no attack surface to exploit you can’t attack what you can’t see. Expert weighs in below if these recent attacks can be prevented if Zero Trust Security model was adopted.

Experts Comments

July 08, 2021
Deepen Desai
CISO and Vice President of Security Research
Zscaler

Software supply chain attacks, like those against Kaseya VSA, allow adversaries to quickly multiply the scope of their attacks to hundreds or thousands of organizations. For today’s digital businesses, where organizations rely on an ecosystem of technology partners to operate, implementing a Zero Trust security model has never been more critical. Even with trusted tools and partners, organizations should assume that every connection could be a potential attack, and build their controls

.....Read More

Software supply chain attacks, like those against Kaseya VSA, allow adversaries to quickly multiply the scope of their attacks to hundreds or thousands of organizations. For today’s digital businesses, where organizations rely on an ecosystem of technology partners to operate, implementing a Zero Trust security model has never been more critical. Even with trusted tools and partners, organizations should assume that every connection could be a potential attack, and build their controls around identity and business policy enforcement to enable secure access to applications, not the network. 

Using Zero Trust, applications and resources are not visible and cannot be discovered by the adversaries, thus eliminating the external attack surface.

As we continue to see an escalation in both supply chain and ransomware attacks, Zero Trust is the most effective way to reduce business risk, unlike traditional network security approaches that leave the front door open to potential attacks from trusted sources.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.