Unsurprisingly, given the impact of several high-profile malware outbreaks, exploits and hacks over the past year, in 2018 we can expect to see significant disruption in the cybersecurity industry.
Organizations are spending millions, and in some cases hundreds of millions, of dollars on technologies aimed at bolstering their cybersecurity posture, but to no avail. Attacks are becoming more sophisticated. Cyber-criminals have as much funding, if not more, to invest in developing new attacks as the businesses they’re targeting can spend on defense.
As a result, in the year ahead a key disruptor will be the re-emergence of the 'zero trust' security model. With this approach, the IT team adopts a mindset of ‘we don’t trust anybody’, and trust can be established only by explicitly allowing users to access systems.
A decade ago, the ‘zero trust’ approach implied that the IT team would simply prohibit people from using non-corporate-issued devices and applications. However, the more modern ‘zero trust’ model will accommodate individuals’ personal preferences.
That doesn’t mean that there will be more rigorous authentication measures in place that will require users to verify their identities through multiple layers of credentials. Instead, enterprise systems will vigorously authenticate whether users are indeed entitled to access specific sets of data, before making them available.
Some might question whether the ‘zero trust’ approach will lead to bottlenecks and delays in getting tasks accomplished. The answer is no: if you’re running a cloud-based system, the authentication and verification process will be near-instantaneous, so people’s productivity won’t be inhibited.
Re-examine policy and process
Organizations that embrace this model will use it as an opportunity to re-examine their cybersecurity policies and processes. This will result in a new generation of policies and processes that consider the organization’s on-premises infrastructure, as well as the cloud services and platforms that they utilize.
Combining this hybrid IT approach, common in businesses today, with zero trust controls will allow organizations to scrutinize carefully how they’re using the cloud and to identify ways to raise their cybersecurity defenses, such as making better use of micro-segmentation in multi-cloud environments.
Blockchain as the implementer
The wider opportunities and applications of Blockchain in the world of cybersecurity are only just emerging. It’s already being used in public key cryptography to secure emails, websites, and messaging applications. Most traditional implementations rely on a Public Key Infrastructure (PKI) in which centralized certificate authorities generate and store keys, which renders them susceptible to attacks from hackers.
Blockchain-based implementations of PKI remove the central certificate authorities completely and make use of a distributed ledger of domains and their related public keys. This is an inherently more secure approach as there’s no central database to attack.
Importantly, Blockchain allows a digital ledger of transactions to be created and shared among participants via a distributed network of computers. The system is highly accessible and transparent to all participants: all transactions are publicly visible.
This means it’s possible for businesses to make Blockchain ‘corporately visible’ within their organization so that they can see every transaction that takes place between one individual and another, one piece of data and another, or one machine and another. This enables companies to build up a comprehensive history of every transaction that occurs, which has significant potential to allow organizations to boost their defenses in the areas of user authentication and identity and access management. As a result, we’re very likely to see Blockchain underpin the zero-trust security models that will gain traction over the next year.
For example, when a longstanding employee attempts to access a particular corporate system, the Blockchain will recognize that they’ve logged in previously and are deemed to be trustworthy and will therefore grant them access.
However, if the marketing department brings in a new contractor to help on a project, the first time he or she attempts to log onto the network, the Blockchain ledger will detect that it has neither engaged with the user before nor interacted with their device. Blockchain will also pick up if an existing user tries to access a particular file or set of data that they’ve not accessed before, or attempts to log onto the network from an unfamiliar location.
In these scenarios, Blockchain will isolate the connection and give the user restricted access until the transactions have been expressly sanctioned by system administrators or the IT security team. Essentially, Blockchain will become the implementer of the ‘zero trust’ policy.
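The decision flow described above can be sketched as follows. This is an added example, not code from the article: a single-node, hash-chained log stands in for the distributed ledger, and the class name `AccessLedger` and its methods are hypothetical.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev, record):
    return hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()

class AccessLedger:
    """Append-only, hash-chained access log (single node, no consensus)."""
    KEYS = ("device", "resource", "location")

    def __init__(self):
        self.entries = []

    def _append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"prev": prev, "record": record, "hash": _digest(prev, record)})
        return len(self.entries) - 1

    def verify(self):
        """Recompute every link; False if any entry was altered or reordered."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != _digest(prev, e["record"]):
                return False
            prev = e["hash"]
        return True

    def _trusted(self):
        """(user, attribute, value) triples from granted or sanctioned entries."""
        ok = [e["record"] for e in self.entries if e["record"]["status"] != "restricted"]
        return {(r["user"], k, r[k]) for r in ok for k in self.KEYS}

    def request(self, user, device, resource, location):
        """Grant only if every attribute has history; otherwise restrict."""
        if not self.verify():
            raise RuntimeError("ledger integrity check failed")
        rec = {"user": user, "device": device, "resource": resource, "location": location}
        wanted = {(user, k, rec[k]) for k in self.KEYS}
        rec["status"] = "granted" if wanted <= self._trusted() else "restricted"
        return rec["status"], self._append(rec)

    def sanction(self, index, admin):
        """Administrator approval of a restricted request creates history for it."""
        rec = self.entries[index]["record"]
        if rec["status"] != "restricted":
            raise ValueError("only restricted requests can be sanctioned")
        return self._append({**rec, "status": "sanctioned", "approved_by": admin})
```

Because each entry's hash covers the previous one, editing an old record to manufacture "history" breaks `verify()`, and `request()` then refuses to make a decision at all.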
Ultimately, the next 12 months will see renewed focus on authentication measures and how they can enable businesses to operate efficiently in the face of cyberattacks. The ‘zero trust’ approach provides a logical platform for this, but organizations must ensure that their wider systems and infrastructure can support zero trust without introducing any productivity-damaging obstructions.