Grant just enough privilege

SecurityMEA speaks with Kamel Heus, Regional Manager – MEA, Centrify about recent proliferation in the number of cyber attacks and breaches, and what role a zero trust model plays in mitigating such attacks.

How would you evaluate the current cyber security landscape?

The threat landscape is changing rapidly with a frightening sophistication and pace of data breaches. Cyber-threats come in all shapes and sizes, and from all vectors. Compromised credentials are a leading cause of these security breaches. Identities are the vehicle to opening the front door and navigating laterally through an organization until access to the keys to the kingdom are obtained.

According to Verizon’s 2017 Data Breach Investigation Report (DBIR), 81% of hacking-related breaches leveraged either stolen and/or weak passwords, which was up from 63% in the previous year. This alarming trend clearly shows that today’s security isn’t working. Centrify’s mandate is to ensure that the breach stops here, by providing a single platform to secure each user’s access to apps and infrastructure in today’s boundary-less hybrid enterprise.

Organisations in the region are being more vigilant when it comes to accessing their critical assets. We see more tightening in the way people are accessing data within the company boundaries or from outside. Employees, partners and contractors are able to access data from anywhere at any time, and combined with the fact that the traditional perimeter is dissolving, more work is being done to protect the identities of people (or devices) accessing the organisation’s data. Centrify considers Identity as the new security perimeter. There is no magic answer to defeating cyberthreats, but with the right strategy, strong security policy and active engagement of all employees, the risk of a cyberattack can be reduced.

What is your take on recent malware/ransomware attacks?

Ransomware attacks continue to rise, impacting many organizations. 2017 saw many ransomware attacks, be it Bad Rabbit, WannaCry, or Petya or even the HBO hack. The ransomware attacks have costs far more than the relatively minor pay-outs demanded. With WannaCry, we have seen organizations particularly from healthcare being vulnerable to ransomware. Disruption of patient care, destruction of data and general disorder caused by a ransomware attack was felt particularly hard by targeted healthcare organizations.

According to a recent Ponemon study commissioned by Centrify, the costs for a breach can have a significant impact on the bottom line. The study highlighted that more than 30 percent of consumers impacted by a breach stated they discontinued their relationship with an organization that experienced a data breach.

What is Zero Trust and how much trust you have in Zero Trust?

A Zero Trust approach to security assumes that everything from users to endpoints to resources to devices is untrusted and must always be verified to decrease the chance of a major breach. Centrify’s Zero Trust Security assumes users inside a network are no more trustworthy than those outside the network. It presumes that everything (users, endpoints, networks, resources) is untrusted and must be verified first so that security is not compromised. The notion of a robust perimeter no longer exists and thus, by combining identity assurance, and endpoint posture to grant access through a least privilege model, lateral movement, phishing attacks, and other common attack vectors are reduced substantially.

How does the Zero Trust model work and can it be a solution for cyber-attacks or hacking? If yes, what steps do organizations need to take to follow the path of zero-trust model?

A policy of Zero Trust is centered around continuously verifying users and their devices, limiting access and learning from user behavior and employing such a model will most likely stop breaches/cyber-attacks. The Zero Trust approach resonates deeply with us at Centrify. It has always been our goal to look beyond the porous, indefensible perimeter to secure organizations with best-of-breed technologies via a unified, identity-focused platform that serves all users and their access to all resources — including apps and infrastructure. This process involves four key elements, namely verifying the user, verifying their device, giving just enough access, and learning and adapting.

A unified platform comprised of privileged access management (PAM), enterprise mobility management (EMM), multi-factor authentication (MFA) and machine learning are key to a well-rounded Zero Trust Security approach. When combined and implemented across the entire organization, these technologies help to ensure secure access to resources while significantly reducing the possibility of breaches. We advocate that organizations strive towards a state of zero trust through Just Enough Privilege, granted Just In Time. Central to this theme is migrating to a role-based access control (RBAC) model that is dynamic, using short-lived instead or long-lived privileges.

What are the key benefits of zero-trust and what message would you like to give to CIOs and CSOs in the region?

Security is a core business concern that demands the attention of the CEO, the C-suite and the board of directors. In fact, a breach can damage a company’s image for good. The Ponemon study found that breaches rank in the top-three most negative impacts to brand reputation, following terrible customer service and environmental disaster.

The key benefit of adopting a zero-trust model is that implementing strong security controls and access policies are paramount to minimizing the risk of loss – of credibility, revenue or even a dip in stock price as evidenced by the Day One market reaction to the recent Equifax breach.

CIOs and CSOs in this region’s organizations must continue cyber hygiene awareness and education by training staff to spot the warning signs of a phishing attack and social engineering, and most importantly, they need to use MFA on both a privileged and end-user level to stop the breach, without burdening the user. This is paramount to cyber security success.