A return to something like normal looks to be on the horizon, but COVID-19 has changed organizational priorities as well as long-term operations. Companies are equipping themselves for a larger contingent of remote workers, and making sure those workers can collaborate productively and securely is top of the agenda for 2021. As usual, here’s the top Zero Trust news for March.

This month’s Zero Trust Digest looks at:

  • IDG’s cybersecurity report
  • NSA guidance on Zero Trust architecture
  • A productivity and security study by LogMeIn
  • A comparison of Software-Defined Perimeter (SDP) and reverse-proxy Zero Trust architectures

Cybersecurity at a Crossroads: The Insight 2021 Report

IDG surveyed enterprises to measure confidence in current security postures, identify roadblocks to improving them, and rank modernization priorities. Here are some of the key findings.

Against the backdrop of scaling distributed IT environments and securing against new types of attacks in a remote work environment, enterprise security posture has received increased focus at the board and senior executive level. 68% of respondents to the IDG survey strongly agreed that the board and/or executive team is more focused on security posture than they were in the past.

Despite increased efforts, 78% of respondents lacked confidence in their security posture. Two-thirds of companies surveyed accelerated 5-6 security projects in 2020 (endpoint security, threat visibility, incident response, identity management, edge protections) while priorities like SecOps and staff expansion were lowered.

Areas where survey respondents felt least confident included:

  • Overall strategy and roadmap (32%)
  • Technology and tools (30%)
  • Internal teams and skillsets (27%)
  • Executive support and budget for risk mitigation (26%)
  • Data management strategy (20%)
  • Ability to keep up with the pace of change (15%)

The common SecOps and management challenges for businesses include:

  • Lack of automation (55%)
  • Outdated network access control solutions (47%)
  • Legacy infrastructure unable to handle today’s threats and cloud environments (45%)
  • Lack of skilled cybersecurity staff (43%)

The need to roll out remote work quickly and at scale introduced a host of unfamiliar risks that had to be mitigated. Security modernization priorities shifted accordingly, with the majority of respondents focusing on IAM:

  • Identity & Access Management (IAM) (72%)
  • Threat visibility/identification (69%)
  • Edge protection (53%)
  • Endpoint security (52%)
  • Incident response (52%)

Cybersecurity modernization remains a top priority moving forward: 41% of respondents plan to begin or resume staff expansion in 2021, and 42% plan to begin or resume modernizing security operations.

You can read the full IDG report here.

Ensuring Productivity & Security in the New Remote Work Era Report

LogMeIn’s Ensuring Productivity & Security in the New Remote Work Era Report highlights clear deficiencies in existing remote working practices: 79% of US respondents said that remote working has exposed them to cyber risks.

Top concerns include:

  • Providing secure access to data (47%)
  • Cybersecurity management (40%)
  • Network connectivity (39%)
  • Securing home and mobile networks (34%)
  • Providing secure access to applications (28%)

Remote working is no longer limited to a small subset of employees; it spans the entire workforce and needs to be designed for accordingly. This is not a matter of retrofitting existing solutions: IT buyers must prioritize solutions that are secure, simple, and easy for support technicians to operate.

Here’s the full report.

NSA Issues Guidance on Zero Trust Security Model

The National Security Agency (NSA) published a cybersecurity information sheet last month, Embracing a Zero Trust Security Model, explaining the foundational elements of the Zero Trust model and the benefits and challenges of implementing it.

The guidance identifies an evolving threat landscape, increasingly dispersed corporate networks, and the need to balance robust security with user experience as the drivers of the Zero Trust model.

Zero Trust assumes that a breach is inevitable or has already occurred, so it applies the principle of least privilege to limit every user, device and service to only the access it needs. Zero Trust requires comprehensive security monitoring, granular risk-based access controls, and automation so that security is enforced consistently across the whole IT infrastructure rather than at the network edge alone.

The NSA walks through several use cases for Zero Trust, including limiting the damage from compromised user credentials, remote exploitation or an insider threat, and from a compromised supply chain.

The transition to Zero Trust cannot happen overnight; it has to be incremental. IT teams will need to take stock of the capabilities they already have, plan a roadmap, and address any gaps.

You can read the full NSA guidance here.

How to choose a Zero Trust architecture: SDP or Reverse-Proxy?

The Cloud Security Alliance (CSA) recently published a blog comparing the two prominent Zero Trust Network Access (ZTNA) architectures, Software-Defined Perimeter (SDP) and reverse-proxy, and explaining how to evaluate them.

The article discusses the growing range of use cases driving Zero Trust adoption, among them secure application access, conditional access, and enabling unmanaged and bring-your-own (BYO) devices.

Here’s the high-level overview for each architecture:

SDP architecture

A ZTNA Controller authenticates the user and device before granting access to any application; until that happens, the Gateway permits no traffic to flow. Because the Gateway drops all traffic from unauthenticated users and devices rather than answering it, the application is effectively invisible to anyone who has not been authorized.

Reverse-proxy architecture

This model requires a connector installed on the same network as the application, which establishes an outbound connection to a ZTNA Proxy (so the application network accepts no inbound connections). Users authenticate with the ZTNA Proxy, which verifies their credentials against the organization’s identity management system. Once authenticated, traffic flows between the device and the application via the proxy and the connector.
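To make the difference between the two front-ends concrete, and to show the NSA’s least-privilege and risk-based access points in the same place, here is an added example written for this digest; it is not code from the CSA blog, the NSA guidance, or any ZTNA product. It models an SDP controller and gateway beside a reverse proxy and connector, both enforcing one default-deny policy. The identity store, the per-app policy, the HMAC token the controller issues, the posture rule, and the way each front-end answers an unauthenticated client are all constructed for the example.

```python
"""Added example (not from the CSA blog or the NSA guidance): a toy model of the
two ZTNA front-ends described above, both enforcing the same least-privilege policy.

Everything concrete here is constructed for the example: the user/credential
table, the per-app policy, the HMAC token the 'controller' issues, and the
way each front-end answers a client that has not authenticated.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

CONTROLLER_KEY = b"constructed-controller-signing-key"  # constructed, not a real secret

# Constructed identity store and least-privilege policy (grant only what is needed).
IDP = {"alice": "correct-horse", "bob": "battery-staple"}
ALLOWED_APPS = {"alice": {"payroll", "wiki"}, "bob": {"wiki"}}
MANAGED_DEVICE_ONLY = {"payroll"}  # risk-based control: a posture requirement per app


@dataclass
class Request:
    user: Optional[str]
    app: str
    token: Optional[str] = None  # SDP path only: token issued by the controller
    device_managed: bool = True


def authenticate(user: Optional[str], password: str) -> bool:
    """Verify credentials against the (constructed) identity store."""
    return user is not None and IDP.get(user) == password


def authorize(user: str, app: str, device_managed: bool) -> bool:
    """Default deny: the user must be entitled to the app and meet its posture rule."""
    if app not in ALLOWED_APPS.get(user, set()):
        return False
    if app in MANAGED_DEVICE_ONLY and not device_managed:
        return False
    return True


# ---- SDP: controller authenticates, gateway drops anything it did not authorize ----
def _token_for(user: str, app: str) -> str:
    return hmac.new(CONTROLLER_KEY, f"{user}:{app}".encode(), hashlib.sha256).hexdigest()


def controller_issue_token(user, password, app, device_managed=True) -> Optional[str]:
    """The controller authenticates and authorizes first; only then does a per-app token exist."""
    if not authenticate(user, password) or not authorize(user, app, device_managed):
        return None
    return _token_for(user, app)


def sdp_gateway(req: Request) -> Optional[str]:
    """None models a dropped packet: no reply of any kind, so the app stays invisible."""
    if req.user is None or req.token is None:
        return None
    if not hmac.compare_digest(req.token, _token_for(req.user, req.app)):
        return None  # forged, or bound to another user/app: still just dropped
    return f"{req.app} served {req.user}"


# ---- Reverse proxy: connector dials out to the proxy, proxy authenticates the user ----
class ZtnaProxy:
    def __init__(self) -> None:
        self.connectors: dict = {}

    def register(self, app: str, connector: "Connector") -> None:
        """Called over the connector's outbound connection; the app network opens no inbound port."""
        self.connectors[app] = connector

    def handle(self, req: Request, password: str) -> str:
        # Assumption for this example: the proxy answers an unauthenticated client with a
        # challenge, unlike the SDP gateway, which answers with nothing at all.
        if not authenticate(req.user, password):
            return "401 authenticate with proxy"
        if not authorize(req.user, req.app, req.device_managed):
            return "403 denied by policy"
        connector = self.connectors.get(req.app)
        if connector is None:
            return "502 no connector registered for app"
        return connector.relay(req.user, req.app)


class Connector:
    """Runs on the same network as the application and registers itself with the proxy."""

    def __init__(self, proxy: ZtnaProxy, app: str) -> None:
        self.app = app
        proxy.register(app, self)

    def relay(self, user: str, app: str) -> str:
        return f"{app} served {user}"


if __name__ == "__main__":
    # SDP path: no token -> dropped (None); controller-issued token -> served.
    print(sdp_gateway(Request("alice", "payroll")))
    tok = controller_issue_token("alice", "correct-horse", "payroll")
    print(sdp_gateway(Request("alice", "payroll", tok)))
    # Reverse-proxy path: unauthenticated -> challenge; authorized -> relayed via connector.
    proxy = ZtnaProxy()
    Connector(proxy, "wiki")
    print(proxy.handle(Request(None, "wiki"), ""))
    print(proxy.handle(Request("bob", "wiki"), "battery-staple"))
```

The point to take from running it: in the SDP path, a client that skips the controller never learns whether the application exists, because the gateway returns nothing at all; in the reverse-proxy path the proxy itself is reachable and does the authentication inline, and the application network only ever opens an outbound connection from the connector. Both paths deny access to anything not covered by the policy, and the managed-device rule for payroll is the granular, risk-based control the NSA guidance describes.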

For a full breakdown of the differences between SDP and reverse-proxy, you can read the blog here.

Previous Zero Trust Digests

Catch up on previous Zero Trust Digests here: