How to Beat Cybercrime Vol.3
Michael Beaupre
CISO | Coach | Mentor | Business Leader | Closing the cyber security skills gap through strategic partnerships
Cybersecurity cannot be achieved by singular entities. It must be done collectively – via transparent, cooperative, and united partnerships. Collective intelligence and wisdom of the past are necessary components to create digital and analog safety for companies and people alike. For example, Sun Tzu's philosophy from The Art of War can still be applied today. Many believe the "Zero Trust Principle" also fits the mold.
In Volume 3 of "How to Beat Cybercrime", I will describe how Sun Tzu’s principle applies in today's (business) world.
Even though many are touting it as new, Zero Trust is not new. Zero Trust is based on a paradigm known as DAPE - deny all, permit by exception. In simple terms: never trust, always verify.
Do you remember Sun Tzu's words quoted in Volume 2?
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained, you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
Let's examine how that applies in today's world through the lens of Zero Trust. Imagine Zero Trust like a bank. Customers are granted access to the lobby, service counters, and front offices, but everything else is blocked off. No one can get in without approval. Access to the vault and the safe-deposit boxes is denied to anyone until a need to enter is approved and verified. Once inside, you cannot stay indefinitely and have only limited access.
Only bank managers and approved staff are granted access to the vault at certain times. Even within the vault, there are safe-deposit boxes that the bank manager cannot access without a customer’s key. Anyone else is only let in by exception.
When money is transferred to another location, banks use armored cars, armed guards, and several other protection and validation measures. An integrated system of layered protection, constant monitoring, and authorization has been put in place. No single person is ever trusted with the money’s safety, and their access and rights are challenged at multiple stages – never trust, always verify. My analogy is a simplistic illustration of zero trust, but I hope it proves the point.
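The bank analogy translated into a default-deny access decision, as an added illustration that is not part of the original article: every request is refused unless an explicit, time-bounded exception covers it, and a safe-deposit box additionally needs the customer's own key. All roles, areas, windows and keys are constructed for the example.

```python
"""Deny all, permit by exception (DAPE), modelled on the bank analogy.
All roles, areas, time windows and keys below are constructed values."""
from dataclasses import dataclass
from datetime import datetime, time, timedelta
from fnmatch import fnmatch

# The lobby and counters are the only areas open without an exception.
PUBLIC_AREAS = {"lobby", "service_counter", "front_office"}

@dataclass(frozen=True)
class Grant:
    role: str            # who the exception is for
    resource: str        # glob over areas, e.g. "deposit_box/*"
    opens: time          # daily window in which entry may be approved
    closes: time
    max_stay: timedelta  # entry is never indefinite
    needs_customer_key: bool = False

# Constructed exceptions: a request matched by no grant is denied.
GRANTS = (
    Grant("bank_manager", "vault", time(9), time(17), timedelta(minutes=30)),
    Grant("vault_staff", "vault", time(9), time(12), timedelta(minutes=15)),
    Grant("bank_manager", "deposit_box/*", time(9), time(17),
          timedelta(minutes=10), needs_customer_key=True),
)
# Constructed mapping of each box to the key its customer holds.
BOX_KEYS = {"deposit_box/42": "key-42", "deposit_box/7": "key-7"}

def decide(role, resource, at, customer_key=None):
    """Return (allowed, reason, leave_by); leave_by is None unless a timed
    exception applies. Anything not explicitly permitted is denied."""
    if resource in PUBLIC_AREAS:
        return True, "public area", None
    for g in GRANTS:
        if g.role != role or not fnmatch(resource, g.resource):
            continue
        if not g.opens <= at.time() < g.closes:
            return False, f"outside window {g.opens:%H:%M}-{g.closes:%H:%M}", None
        # The manager's role alone is not enough: the customer's key must
        # match this specific box (two independent parties, as in the vault).
        if g.needs_customer_key and customer_key != BOX_KEYS.get(resource):
            return False, "customer key missing or does not match this box", None
        return True, f"exception granted to {role}", at + g.max_stay
    return False, "no exception covers this request: default deny", None
```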
Context is key when assessing the Zero-Trust principle.
Zero trust is a tried-and-tested principle that works well but it has an upfront requirement to be effective: Businesses must determine who can access specific assets and information with clear instructions about what may or may not be shared. The more complex the company, the more difficult it is to meet this requirement. So: operational context is key. Or, in Sun Tzu's words, "...know yourself...".
Many companies introduce zero trust models without taking the time to develop a deep understanding of the principle or to build detailed and relevant use cases. They often underestimate the complexity and diversity of their business operations. Once implemented, the IT department is often expected to find solutions on their own - an approach that is doomed to fail without the proper business context.
Zero trust architectures are very valuable when classification processes and sharing instructions are defined rationally and comprehensively. Zero-trust hardliners say: “When you aren’t sure who should have access, then no one should have access.” This hardline stance could secure a company right out of business.
A successful implementation of the zero-trust principle requires a great deal of patience and close collaboration with all the company's internal stakeholders. Shortcuts or half-hearted approaches can bring operations to a halt and cause great financial damage. Without intricate knowledge of the company's business model, engaged data owners, and operational specifics, Zero Trust will fail.
Failure is not because of zero trust models per se. Failure comes from a lack of shared understanding about the true business interoperability requirements. Understanding these requirements demands significant effort and time to properly map out relationships. Large quantities of patience, diligence, and strategic alliances between business leaders and IT experts are extremely relevant when implementing Zero Trust models.
If you know the enemy and know yourself, you need not fear the result of a hundred battles...
Stay tuned!
In Volume 4 of "How to Beat Cybercrime", we will explore emerging trends in cyber security that could help companies and institutions win their fight against modern and adaptive cyber criminals.
Thought leader in cyber security with over 28 years of experience advising public sector entities, DAX-30 companies, and SMEs internationally.
Successfully protecting international enterprises with award-winning cyber AI @Darktrace
1 year
As a sales team lead at Darktrace, I am familiar with the value proposition of our solution in helping organizations detect and respond to cyber threats in real-time. In the context of building a Zero Trust model, Darktrace can help in the following ways:
- Darktrace's AI technology provides complete real-time visibility of all devices, users, and network traffic, enabling organizations to build a comprehensive inventory of assets.
- Darktrace uses behavioral analysis to detect and respond to threats in real-time, including insider threats and novel attacks.
- Darktrace's approach aligns with Zero Trust principles of continuous monitoring and anomaly detection.
- Darktrace can enforce adaptive authentication policies based on behavior, device, and location, aligning with Zero Trust principles of never trusting, always verifying.
Michael Beaupre & Robert Fox - Does this match with your experience and expectations of Darktrace?
Shining a light on Cyber Attack Paths
1 year
Looking forward to this! Sun Tzu's principles of knowing your enemy AND the tactics (attack techniques) they are likely to use, in consideration of where those can be successful against what you are trying to defend, are still relevant now! Defenders today can learn from this wisdom by adopting an approach where a continuous simulation of attacks guides proactive defence and closure of your exposures.
Mike, great article. The zero trust environment is critical to ensuring protection of key terrain and mission critical capabilities. Continue to press forward to defend business operations and those functions supporting the bottom line while balancing innovation.
Data Centers/Renewable Energy & Batteries/SMART Cities/IT Services/Cyber Security/Virtual Reality
1 year
I think I am in complete agreement, but would caution there are still many parts of the system that are more vulnerable than others. As in your bank model, are the security guards in-house or contracted out? The contractors may have a completely different system that introduces unknown variables. Now back to my standard broken record comment on Cybersecurity, “it’s all about Architecture.”
Accounts & Finance Professional|MBA| ACCA Finalist|TUV SUD Certified Lean Six Sigma Black Belt
1 year
You've got to step into the shoes of the criminals, right? Creativity is the key, but at the same time the basics should never be forgotten.