Research undertaken by the Neustar International Security Council found that 60% of organisations would pay a ransom in the event of a ransomware attack. A truly shocking statistic and one that illustrates the need for so many to implement robust IT security and data back-up solutions. With ransomware attacks making the news with increasing regularity - see Acer, Quanta, Kia Motors, Axa, and Kaseya to name but a few from this year- the importance of implementing a multifaceted and effective security and back-up strategy is higher than ever. Organisations without strong solutions open themselves up to not only data loss but huge monetary losses as well. With cyber criminals targeting data stored both on-premises and in the cloud, as hybrid-working grows in popularity, the way that businesses need to approach data protection is changing too.
There are various cybersecurity frameworks that your organisation may or may not be working to such as NIST, ISO, SOC 2, GDPR, and more. Whilst some organisations may not follow a framework, you may be working to standards such as those required for Cyber Essentials certification. However, a cybersecurity framework that is receiving particular traction at the moment is the ‘Zero Trust’ model. Most commonly credited to the work of Forrester researcher, John Kindervag, in 2009, the Zero Trust cybersecurity model promotes verification over trust. Since Kindervag’s initial conception, many technological leaders have developed their own personal take on the Zero Trust model, from Microsoft to the National Cyber Security Centre, always with the ethos of verification first at its centre. Microsoft believe that Zero Trust is all about thinking big, starting small, and moving fast. Essentially what this means is that using the Zero Trust framework in conjunction with an understanding of your organisation’s risk level and strategic goals, you can design a multiyear plan in which incremental steps improve your security in an achievable and affordable way. Zero Trust covers five key areas; users, applications, data, networks and devices. By adopting Zero Trust you can simplify your approach to a complex area. These proactive security steps will support your organisation in adopting a security framework that assumes breach, always authenticates, authorises, and encrypts, and uses least privileged access to ensure secure cloud working. A strong defence against cybercrime needs to address your people, processes, and technology, providing not only effective solutions but the understanding of how to implement these appropriately and ensure user understanding. With the tools required to implement a Zero Trust model becoming accessible to SMEs, smaller businesses can now protect their data and their bank balance. However, the task of implementing this framework might seem daunting, you might not know where to start, and that’s okay. Synergi’s Zero Trust model and team of cybersecurity experts can support you through this process, understanding budget, needs, and the maturity of deployed solutions, helping you protect what’s most important, your business.
