Traditionally, companies kept cyberthreats at bay by establishing a strong perimeter (e.g., using firewalls) around their network. Users inside the network are then assumed to be trustworthy, so they are free to move laterally to access company data and other resources. While such a security model may have been sufficient before, it is no longer effective against modern cyberthreats, which keep growing in number and sophistication. Businesses must therefore adopt a more stringent approach to cybersecurity: the zero trust security model.
What is the zero trust security model?
The zero trust framework is based on the principle "never trust, always verify.” This means that you should not give any user — even your long-term staff or senior managers — access to company data and IT resources until they have been thoroughly verified. You can do this by implementing multifactor authentication in which users must provide more than one piece of evidence to prove their identity. By doing so, you can protect your company network from both outsider and insider threats.
What's more, zero trust acknowledges the fact that breaches are inevitable, so organizations should limit user access to only what users need to accomplish their tasks (i.e., role-based access control.) IT admins must also monitor each access attempt. These measures prevent users — including cybercriminals — from moving laterally across the network, mitigating the potential impact of breaches.
Why should your company implement zero trust security?
There are two main reasons why businesses should adopt the zero trust framework.
Insider threats are a growing security risk
According to Ponemon Institute’s 2022 Cost of Insider Threats Global Report, addressing insider-led incidents is becoming more costly — from $11.45 million in 2020 to $15.38 million in 2021. The frequency of such incidents also rose by 44% in 2021.
The report identifies three types of insider threats:
- Negligent insiders – regular users and IT administrators who unwittingly endanger the organization by accidentally sharing sensitive data, falling for phishing scams, and failing to update their software, among many other actions
- Malicious insiders – users and IT admins who purposely take actions that cause harm to the company to seek revenge, gain profit, or spy on company operations
- Credential insiders – cybercriminals who steal user or admin login information to gain access to company networks
|Insider type||% of incidents||Cost per incident||Annual total cost to organizations|
|Negligent insiders||56%||$485,000||$6.6 million|
|Malicious insiders||26%||$648,000||$4.1 million|
|Credential insiders||18%||$805,000||$4.6 million|
As seen in the table above, negligent insiders account for more than half of insider-led incidents. While their cost per incident is the lowest, negligent insider events cost organizations the most — $6.6 million annually — due to their frequency. This shows that even seemingly minor user mistakes can have major consequences.
Compared to the other types of insider-led incidents, credential theft is the costliest to address on a per-incident basis. Alarmingly, credential thefts rose from 14% of incidents in 2020 to 18% in 2021, and their annual cost to organizations increased by 65% — $2.79 million in 2020 to $4.6 million in 2021.
The zero trust framework minimizes the risk of insider threats by implementing a strict identity authentication process. Only users and devices that undergo and are verified by the said process can access company data and resources.
Network perimeters are becoming nonexistent
With the growing popularity of remote work and cloud computing, more and more people are accessing company systems through different types of devices and connections. This means IT resources (e.g., data, applications, infrastructure, devices) are increasingly moving beyond the perimeter and outside the company’s zone of control, increasing the company's risk exposure.
Read also: 3 Cybersecurity challenges of remote work
By implementing zero trust, businesses can safeguard their data and systems no matter where users and devices are, while also ensuring quick access to company IT resources.
Let the IT experts of SpectrumWise handle your organization’s cybersecurity needs. By partnering with us, you gain the peace of mind to focus on what really matters — your business. Schedule a consultation with us today.