In this environment, the likelihood of encountering ransomware in any medium or large organization is much higher. An organization’s defensive strategy must anticipate these events and limit what a simple compromise can yield for an attacker.
This requires both limiting the amount of data accessible from a given device or account and investing in ways to detect and respond more quickly.
A zero trust approach
Zero trust is all about going back to the basics of information security. It recognizes that it is no longer sufficient to decide whether a device or user is trustworthy solely based on whether they have already authenticated to an internal network.
It also recognizes that modern approaches to identity and access management can enforce the “principle of least privilege” without imposing additional friction on users.
Under zero trust, users and devices must authenticate each time they access applications and data, and each authentication must evaluate a broader set of contextual information about the request. This should include user context (such as the relative strength of the authenticator used to prove their identity), device context (whether the device is known/registered, managed, and demonstrating a strong posture), and network context (whether the request is from a known and reputable network location/IP address type).
These assessments should also consider behavior: is a user identity typically associated with this device and this network?
The main enablers of zero trust are a policy engine capable of evaluating this context, controls (such as multi-factor authentication) used to prompt users to prove their identity, and the ability to easily log, monitor, and respond to events indicating an account compromise.
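The context evaluation described above, as an added Python example that is not from the article or from any Okta product: a policy function scores the user, device, network and behavioral signals of one access request and returns allow, step-up MFA or deny as a loggable event. The signal names, weights and thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Assumed risk weights (illustrative): higher means less trust in the signal.
AUTHENTICATOR_RISK = {"phishing_resistant": 0, "otp": 1, "password": 3}
NETWORK_RISK = {"corporate": 0, "residential": 1, "anonymizer": 3}
UNKNOWN = 3  # unrecognised values fail closed at the highest weight

@dataclass(frozen=True)
class Request:
    user: str
    authenticator: str   # user context: factor used to prove identity
    device_id: str
    registered: bool     # device context: known/registered
    managed: bool        # device context: managed
    posture_ok: bool     # device context: posture checks passing
    network: str         # network context: location/IP address type
    sensitivity: int     # resource sensitivity, 1 (low) to 3 (high)

def evaluate(req, baseline):
    """Decide one access request. `baseline` is a set of (user, device_id,
    network) tuples seen before, standing in for behavioral history."""
    reasons = []
    def add(points, why):
        if points:
            reasons.append(why)
        return points
    score = add(AUTHENTICATOR_RISK.get(req.authenticator, UNKNOWN), "weak authenticator")
    score += add(NETWORK_RISK.get(req.network, UNKNOWN), "untrusted network")
    score += add(0 if req.registered else 2, "unregistered device")
    score += add(0 if req.managed else 1, "unmanaged device")
    score += add(0 if req.posture_ok else 2, "device posture failing")
    usual = (req.user, req.device_id, req.network) in baseline
    score += add(0 if usual else 2, "unusual user/device/network combination")
    # Least privilege: tolerance shrinks as the resource gets more sensitive.
    allow_below = 5 - req.sensitivity   # 4, 3, 2
    deny_from = 10 - req.sensitivity    # 9, 8, 7
    if score >= deny_from:
        decision = "deny"
    elif score >= allow_below:
        decision = "step_up_mfa"
    else:
        decision = "allow"
    # Returned as a structured event so it can be logged and monitored.
    return {"user": req.user, "decision": decision, "score": score, "reasons": reasons}

# Constructed sample baseline: one user/device/network combination seen before.
SEEN = {("alice", "laptop-01", "corporate")}
```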
Are we already there?
According to Okta’s zero trust report, business leaders in Australia and New Zealand are aware of the threat posed by ransomware and are actively investing in the technology and processes needed to mitigate it.
The research found that 85% of organizations in Australia and New Zealand plan to implement some form of zero trust in 2022. Most identified that they are currently at the lower end of the maturity curve.
Given the high threat environment, it is essential that business leaders remain engaged and support the efforts of information technology and security teams to reduce their exposure to risk.
Brett Winterford is director of security for Asia-Pacific at Okta