Feeling Swamped by Technology? Practice Ephemeralization

Feeling Swamped by Technology? Practice Ephemeralization

New technologies seem to be flying at you at an overwhelming rate. Computing, medicine, education, artificial and augmented reality, the list goes on and on. How do you even begin to deal with it all? Try a concept first floated 80 years ago. In his
It’s Not Digital Transformation; It’s Digital “Business” Transformation – Part III

It’s Not Digital Transformation; It’s Digital “Business” Transformation – Part III

Digital “Business” Transformation This is the third part of the series on the “Customer Journey Digital Transformation” methodology for helping organizations to become more effective at leveraging their digital assets to disrupt traditional business models and disintermediate customer relationships. As defined in the blog “What
Louis Columbus

The Current State Of Cybersecurity Shows Now Is The Time For Zero Trust

The Current State Of Cybersecurity

  • 41% of total breaches in 2017 targeted the healthcare industry, making it the most popular target for breach attempts.
  • Personally Identifiable Information (PII) combined with user credentials tops the percentage of breaches with 29% according to Wipro’s report.
  • 88 records were lost or stolen every second in 2017 according to Wipro’s analysis.
  • Machine learning & AI are the second highest ranking security competencies for the future.

These and many other fascinating findings are from Wipro’s State of Cybersecurity Report 2018. A copy of the report can be downloaded here (PDF, 96 pp., no opt-in). The study is based on four primary sources of data including primary research of Wipro customers, Cyber Defense Center (CDC) primary research, secondary research sources and Wipro partner content. 42% of respondents are from North America, 10% from Europe, 18% from the Middle East, 21% from Asia and 8% from Australia. For additional details on the methodology, please see pages 3 through 5 of the report.

Banking & Financial Services and Healthcare Breaches Most Common

Over 40% of all breaches Wipro was able to track using their CDCs are targeted at healthcare, followed by banking & financial services with 18%. This is consistent with Verizon’s 2018 Data Breach Investigations Report which shows healthcare leading all industries with five times the number of breaches experienced than any other industry. Banking & financial services receive more server-based breach incidents than any other industry according to Verizon’s latest study. Accenture’s study, “Losing the Cyber Culture War in Healthcare: Accenture 2018 Healthcare Workforce Survey on Cybersecurity” found that 18% of healthcare employees are willing to sell confidential data to unauthorized parties for as little as $500 to $1,000.

Wipro’s State of Cybersecurity Report 2018 underscores how all industries are facing a security crisis today. The study shows how all industries need a more scalable approach to security that protects every attack surface by validating every access request on every device, for every resource.  Zero Trust Security (ZTS) continues to be proven effective in thwarting breach attempts across all industries by relying on its four core pillars of verifying the identity of every user, validating every device, limiting access and privilege, as well as relying on machine learning to analyze user behavior and gain greater insights from analytics. Leaders in this field include Centrify for Privileged Access Management, Idaptive, (a new company soon to be spun out from Centrify) for Next-Gen Access, as well as Cisco, F5 and Palo Alto Networks in networking.

ZTS starts by maturing an organization’s identity management practices ― be it to secure end-user access credentials through Next-Gen Access (NGA) or to secure privileged user credentials via Zero Trust Privilege (ZTP). NGA empowers organizations to validate every end user access attempt by capturing and then analyzing a wide breadth of data, including user identity, device, device operating system, location, time, resource request, and many other factors to derive risk scores. NGA determines in less than a second if verified end users will get immediate access to resources requested, or be asked to verify their identity further through Multi-Factor Authentication (MFA). Zero Trust Privilege is focused on privileged users that typically hold the “keys to the kingdom” and therefore are a common target for cyber adversaries. ZTP grants least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, organizations minimize attack surfaces, improving audit and compliance visibility, and reducing risk, complexity, and costs for the modern, hybrid enterprise. Every industry needs Zero Trust Security to secure the proliferating number and variety of attack surfaces and realize that each customer, employee and partner identity is their real security perimeter.

Key takeaways of the Wipro State of Cybersecurity Report 2018 include the following:

Security Architecture & Design and Machine learning & AI are the #1 and #2 ranked security competencies for the future. When senior executive respondents were asked which security competencies would most help security practitioners excel in the cybersecurity domain, they mentioned security architecture & design (31%) and machine learning & AI (19%) as their top choices. Next-Gen Access platforms leverage machine learning algorithms to continuously learn and generate contextual intelligence that is used to streamline access for verified end users while thwarting breach attempts, the most common of which is compromised credentials. 

29% of respondents say that Privileged Access Management (PAM) gave them most value, further validating now is the time for Zero Trust Privilege. IT executives are more and more understanding that privileged access credential abuse is the most common cause for cyber-attacks and therefore are starting to place more emphasis on implementing Privileged Access Management. Centrify has recently announced a new focus on Zero Trust Privilege, extending PAM to a broader modern threatscape including DevOps, containers, Big Data and more. 

Endpoint attack vectors are proliferating faster than traditional enterprise security approaches can keep up. The scale and scope of endpoint attack vectors continue to change quickly. Wipro found that breach attempts are often multi-dimensional with orchestrated attempts to compromise a combination of attack vectors at once. Wipro’s findings that endpoint attack vectors are fluctuating so quickly further support the need for ZTS enabled by Next-Gen Access as the primary security strategy to thwart breach attempts. 

Conclusion

In quantifying the number and scope of breaches healthcare, banking & financial services, retail, education and manufacturing companies experienced in 2017, Wipro’s latest Wipro State of Cybersecurity Report shows how every identity is the new security perimeter of a business. Attack surfaces are proliferating with the growth of business models in each of these industries, accelerated by the Internet of Things (IoT) adoption and smart, connected products and systems. By relying on the four core pillars of verifying the identity of every user, validating every device, limiting access and privilege, as well as relying on machine learning to analyze user behavior and gain greater insights from analytics, Zero Trust Security thwarts breach attempts by protecting every threat surface in real-time.

By Louis Columbus 

Louis Columbus

I am currently serving as Director, Global Cloud Product Management at Ingram Cloud. Previous positions include product marketing at iBASEt, Plex Systems, senior analyst at AMR Research (now Gartner), marketing and business development at Cincom Systems, Ingram Micro, a SaaS start-up and at hardware companies. I am also a member of the Enterprise Irregulars. My background includes marketing, product management, sales and industry analyst roles in the enterprise software and IT industries. My academic background includes an MBA from Pepperdine University and completion of the Strategic Marketing Management Program at the Stanford University Graduate School of Business. I teach MBA courses in international business, global competitive strategies, international market research, and capstone courses in strategic planning and market research. I've taught at California State University, Fullerton: University of California, Irvine; Marymount University, and Webster University. You can reach me on Twitter at @LouisColumbus.

View Website

TOP ARCHIVES

A Look Beyond the Basics of Cloud Database Services: What’s Next for DBaaS?

A Look Beyond the Basics of Cloud Database Services: What’s Next for DBaaS?

Cloud Database Services When it comes to choosing the right database management system (DBMS), developers and data analysts today face ...
Should Insurance Companies Be Using Big Data?

Should Insurance Companies Be Using Big Data?

Insurance Companies and Big Data Your lifestyle, behavior, and attitudes can affect your health, and increasingly health insurance companies are ...
CloudTweaks Q&A: How Smart Will Your City Be by 2025?

CloudTweaks Q&A: How Smart Will Your City Be by 2025?

How Smart Will Your City Be by 2025? What role does back end infrastructure play in connecting IoT devices? Probably ...
Impact of AI and 5G on the Possibilities of Data

Impact of AI and 5G on the Possibilities of Data

Impact of AI and 5G This blog post was made in collaboration with Intel. A smarter world is now a ...
10 Charts That Will Change Your Perspective Of Big Data’s Growth

10 Charts That Will Change Your Perspective Of Big Data’s Growth

Big Data’s Growth Worldwide Big Data market revenues for software and services are projected to increase from $42B in 2018 ...