Minimize risk to business operations
By Marc Lueck, CISO EMEA at Zscaler
The vulnerability recently discovered in the popular Apache Log4j logging library has the potential to shake the foundations of traditional security perimeters. This vulnerability illustrates the limitations of traditional security and shows how newer zero-trust-based approaches can help to overcome these hurdles.
A traditional security model is comparable to the measures taken to secure a house. All doors are locked and windows are closed to keep out unwanted intruders. The situation is similar with network security, where hardware infrastructure at the perimeter seeks to lock out attackers. However, the latest security vulnerability shows that IT teams have to shore up their infrastructure every time a new threat is discovered, and are thus sent back to square one every time. It is now time to frantically close the floodgates by applying patches for the discovered zero-day vulnerability on all hosts. This is the only way to mitigate the risk of an attack on the entire network. Because of the wide distribution of Apache in companies, this vulnerability invites malware actors to penetrate the network and spy on it for large-scale attacks. So if this vulnerability has brought anything to the attention of companies, it is the inability of traditional network security to deal with the various attack mechanisms of our time.
So it’s high time to think about which security approaches can actually help digitized companies minimize risks. Data has left the data center and has been moved to the cloud. In hybrid working models, employees have also left the secure network perimeter behind. How can network security still provide sufficient protection for users and cloud workloads, such as data and applications in the data center? New security architectures are needed for this scenario.
If every single device in the IT ecosystem were an island, then security gaps like the one in Log4j would not have such a devastating impact. Although individual hosts remain vulnerable until the gap is closed, isolation means that a single infection no longer puts the entire network infrastructure at risk. A user would only be able to use the functionality of this island if they have the authority to do so. This is the zero trust approach. This security model is based on the assumption that no device is trusted in advance; it must first be validated and authorized. In this way, the entire network is not exposed to an attack if one device turns out to be vulnerable.
By switching to a cloud-based zero trust security architecture, companies cannot influence the occurrence or the harmful potential of vulnerabilities, but they can certainly minimize the risk to their business operations. A change in architecture can end the constant struggle of having to stay one step ahead of attackers in order to detect and deflect IT attacks. Zero Trust simply takes the wind out of the sails of future attacks.