Today’s columnist, Greg Higham of Malwarebytes, says ransomware groups like REvil have proliferated during the pandemic, most recently hitting meat packing plant JBS. Increased ransomware attacks coupled with the need to secure remote workers has led to corporate acceptance of zero trust. MizzouCAFNR CreativeCommons CC BY-NC 2.0

We’ve heard it over and over: The threat landscape has constantly evolved as threat actors continue to identify new opportunities and develop more sophisticated tactics to exploit consumer and corporate data. Despite these warnings, cyberthreat activity has only accelerated in the last year as millions of people were asked to navigate new ways of working and adapt to the new constraints brought on by the pandemic.

In fact, according to the Malwarebytes 2021 State of Malware report, ransomware attackers like REvil (aka Sodinokibi) claimed to net $100 million from extortion threats in the last year, where they demanded payment in exchange for not posting stolen data. Additionally, new vulnerabilities in VPNs and reports of ransomware being delivered through remote desktop protocols (RDPs) are examples of alarming changes in the threat landscape of which security teams must stay aware.  

Because of these factors, the adoption of the zero trust security approach has gained credibility. To help security teams better manage more endpoints and protect hybrid workers, zero trust models are now used to implement stronger protections across private networks. By turning the traditional security mentality of internal trust on its head, zero trust models help security teams redefine the network perimeter and implement verification tactics for both internal and external users. This helps organizations better address the very real danger of insider threats by delivering more visibility into incoming and outgoing traffic and having stronger control over the flow of information. To successfully establish a zero trust framework, here are three steps to consider:

  • Evaluate network access needs and requirements.

It’s important for organizations to evaluate the various functions and specific needs across the business to determine appropriate user access requirements for sensitive data. This process should include considering who, outside of the company’s network, will need to access infrastructure to effectively complete their jobs. Once the roles of the user base have been established, it’s important to develop a well-thought-out access and permission policy to confirm how much information users can access. If done correctly, proper segmentation of data and resources can significantly reduce an organization’s attack surface by protecting critical intellectual property from unauthorized users.

  • Follow a step-by-step strategy for transition and execution.

 Security teams often find it easier to build a zero trust framework from the ground-up rather than reorganizing an existing network. However, an existing network will need to maintain operations until the zero trust network has been completed. Because of this scenario, its important to develop step-by-step strategy to ensure that both networks can remain secure and operational throughout the transition process. This could include reorganizing specific functions, deploying software, and onboarding employees in sections, rather than all at once.

  • Educate and spread awareness.

Finally, it’s important to educate employees via training sessions to strengthen security awareness across the organization and ensure easy adoption. Foster proper buy-in and understanding from users across the network to ensure a smooth and easy transition, while strengthening the company’s overall security posture when it comes to recognizing and addressing possible security threats.

Zero trust models are critical tools in protecting organizations in today’s ever-changing threat environment. By providing visibility across the network and establishing access controls to protect valuable data and resources, zero trust strategies can change the game both now and in the future, ensuring that organizations are fully prepared for the next shift in the workforce. 

Greg Higham, executive vice president and CIO, Malwarebytes