Here’s the thing – if a data breach has occurred, it’s already too late. Data breaches typically cost a company several million dollars, not to mention immeasurable (often irreversible) damage to their reputation. In a recent study, one-third of customers that were notified of a vendor breach said they would no longer do business with that company. With cybersecurity, the best medicine is preventative – companies need to protect against cybercrime and data breaches before they happen.
Traditional security approaches such as firewalls try to create a secure area. But that doesn’t work in a modern setting because of the adoption of cloud software and mobile access, as well as the sophistication of hackers. That means you need to adopt an approach that recognizes the importance of your data everywhere.
Today, cybersecurity is a $125 billion industry, but data breaches are showing no signs of stopping. There’s a very palpable need for a new way to approach cybersecurity strategy.
In our view, that approach is Zero Trust security. Zero Trust is basically a set of lenses to evaluate each and every user, verify who they are, see what data they want to access and what security state they’re in. You have to limit that access in a way that minimizes the exposure and attack surface, vastly reducing opportunities for bad actors to operate in.
Zero Trust operates on three core premises to achieve maximum security: 1) Verify every user. 2) Validate every device. And 3) Intelligently limit access based on users’ specific needs.
Cybersecurity training and awareness alone aren’t enough, it only takes one weak link to compromise access. Companies have to operate on the assumption that their security layers can always be breached at any given time. Zero Trust embodies this approach – it’s constantly one step ahead, and operating as if every entry point is a threat, constantly limiting access to address that concern, while also not overly burdening users with unnecessary authentication.
According to IDG, Zero Trust is the most researched cybersecurity trend, more than biometric data, and more than blockchain (if you can believe that!). We’re excited to see it catching on, and we’ll continue to promote it as one of the best security postures a company can take today.
This post originally appeared in a Quora Q&A session hosted in May 2019. Our CEO Danny Kibel was asked to give his opinion on the state of cybersecurity, Zero Trust, working in the security field and entrepreneurship, among other things. For more of his answers visit Quora.
*** This is a Security Bloggers Network syndicated blog from Articles authored by Danny Kibel. Read the original post at: https://www.idaptive.com/articles/how-can-companies-and-individuals-best-protect-themselves-against-cybercrime/