The zero trust blindspot

Zero trust architecture is undoubtedly the future of cybersecurity. However, it does not typically extend beyond network access, which is a shortcoming that will eventually come back to bite the information security community as a whole, says Pete Smith, archTIS VP and General Manager of EMEA.

It’s easy to be seen as paranoid in cybersecurity. The threats we face are often silent and complex; the solutions we create to combat them are quietly implemented, not giving attackers any more information than they already have on what they are up against. This creates a lot of noise around the issues, and virtually nothing when it comes to solutions.

The push to zero trust architecture is a breath of fresh air to the status quo. It is a real, proactive response to the constant looming threat of breach from increasingly sophisticated hostile actors. It changes the ‘default state’ to denying access to anyone outside the network unless they can verify themselves. This fundamental shift in ethos moves the security industry forward.

There is, however, a blind spot not currently being addressed, and because of it, we’re likely to see a deflation of the Zero Trust hype: securing the data itself. Without applying the same principles of Zero Trust to the data behind the network it protects, we’re still in for the host of data breaches caused by what the security world calls ‘insider threats’. The term covers everything from corporate spies and moles deliberately leaking information or selling it to the highest bidder, through to negligent office workers leaving a laptop on a bus or sharing a file with the wrong email address. 

Let’s use an example from right here on British soil: the recent breach of UK Special Forces personal data via WhatsApp. There are few organizations globally with more incentive to keep personal data secret than the MOD officials who deal with personnel in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment. Yet an individual could download a sensitive Excel file with their names, ID numbers and previous roles within the military completely unimpeded and subsequently share it with the world on WhatsApp.

The incident is just one of many. Corporate security teams are full of stories where user error or malicious actions completely invalidate millions of pounds spent shoring up the perimeter. Unfortunately, it simply does not matter how resilient your network is; these solutions are not built to detect threats coming from within the perimeter. Other solutions that attempt to address this gap, such as SIEM and behavioural analysis tools, detect potential issues after the fact and can take months to identify a problem. Fortunately, there is a solution to stop data loss from negligent and malicious insiders altogether: Attribute-Based Access Control (ABAC).

ABAC extends the zero trust security model to the file level. Instead of letting you access a document on a server automatically because you are already authenticated into the system, it determines whether you can access the file by evaluating attributes (characteristics of the data and/or users) that govern a given file’s access, usage and sharing rights.

The advantage of a data-centric, ABAC-based security approach is that an individual file’s access rights can be dynamically adjusted in real time, based on the sensitivity of the file and the user’s context, by evaluating and validating each file’s attributes. These include security classification and permissions, as well as attributes such as security clearance, time of day, location, and device type, and together they determine who can access, edit, download, or share a particular file. Like Zero Trust network architecture, ABAC sets the default to deny access unless these attributes can be validated against business policies governing access and sharing conditions.
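
A minimal sketch of the default-deny, per-file decision described above, added here as an illustration and not taken from archTIS or any product. The attribute names, the classification ladder and the policy rules are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed classification ladder (assumption): higher rank = more sensitive.
LEVELS = {"public": 0, "official": 1, "secret": 2, "top_secret": 3}

@dataclass(frozen=True)
class Request:
    action: str     # "view", "edit", "download" or "share"
    user: dict      # e.g. {"clearance": "secret"}
    resource: dict  # e.g. {"classification": "secret"}
    context: dict   # e.g. {"device": "managed", "location": "GB", "hour": 10}

def _clearance_dominates(req):
    u = LEVELS.get(req.user.get("clearance"))
    r = LEVELS.get(req.resource.get("classification"))
    return u is not None and r is not None and u >= r  # missing attribute fails

def _managed_device(req):
    return req.context.get("device") == "managed"

def _approved_location(req):
    return req.context.get("location") in {"GB"}  # hypothetical allow-list

def _business_hours(req):
    hour = req.context.get("hour")
    return isinstance(hour, int) and 8 <= hour < 18

def _low_sensitivity(req):
    r = LEVELS.get(req.resource.get("classification"))
    return r is not None and r <= LEVELS["official"]

# Hypothetical business policy: every listed condition must hold for the action.
POLICY = {
    "view": [_clearance_dominates, _approved_location],
    "edit": [_clearance_dominates, _approved_location, _managed_device],
    "download": [_clearance_dominates, _approved_location,
                 _managed_device, _business_hours],
    "share": [_clearance_dominates, _managed_device, _low_sensitivity],
}

def decide(req):
    """Return (allowed, reason); unknown actions and missing attributes deny."""
    conditions = POLICY.get(req.action)
    if conditions is None:
        return False, "no policy for action"
    for cond in conditions:
        if not cond(req):
            return False, f"failed {cond.__name__.lstrip('_')}"
    return True, "all conditions met"
```

Under this policy a cleared, authenticated user can view a secret file but cannot download it to an unmanaged device or share it at all, which is the control missing in the kind of incident the article describes.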

According to the 2021 Verizon Data Breach Investigations Report, data mishandling by insider threats is the top source of insider-related data breaches. Additionally, the pandemic has made it possible to collaborate virtually with software such as Microsoft 365 across many different geographies. This is a perfect environment for insider threats to flourish.

With the push to Zero Trust, we have a rare opportunity not just to fix today’s pressing cybersecurity issues, but to nip in the bud the next step that attackers will likely take to circumvent the onerous task of breaching a network, stealing credentials and utilizing insider threats. ABAC is that solution, but only time will tell if we adopt it in time.


Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech
