How a zero-trust approach to cyber-security, complemented with AI machine-learning, is essential in protecting our businesses from modern cyber-crime.

Remote working may be here to stay, and businesses need the right tools to improve their cyber-security.

As we’ve discussed in previous blog posts, the digital landscape for businesses is changing. More and more people are working from home, and the potential for cyber-crime has greatly increased.

According to the ONS, in April 2020, 46.7% of people did at least some work from home. Of these, 86% did so as a result of COVID-19.

But perhaps this move towards digitalisation and remote working was happening anyway, and the pandemic has simply shunted it forward.

The usage of Cloud computing and SaaS applications, such as Google Workspace and Dropbox, is on the rise. Plus, in another survey carried out by the Institute of Directors, it was revealed that 74% of businesses planned on maintaining this increase in remote working.

It is clear that working from home is here to stay. But we know that a change in working processes brings dangers that can potentially be exploited. What can businesses do to best protect themselves against cyber-crime?

Traditional networks and security systems aren’t designed to support a high percentage of remote/mobile workers. Although there are measures that can be taken to improve security postures, the fundamental approach and mindset need to be reviewed to adapt to this change of threat landscape. A zero-trust approach to cyber-security, along with AI machine learning, will greatly improve a business’s resilience against modern cybercrime.

What is a zero-trust approach, and what does it mean when it comes to security?

Traditional methods would have a business’s security believe that once a user has accessed the enterprise network, they can be trusted to act responsibly and move laterally across that network. Any user, including hackers and malicious agents, is free to roam and extract files as they please.

A zero-trust approach in cyber-security follows the principle that a business’s network should never trust and always verify.

A zero-trust approach, or zero-trust architecture, requires that all users, even those that have already gained access to the network, be constantly authorised, authenticated, and validated before being granted access to different applications and files.

These applications and files, especially ones that contain sensitive data, are defined as ‘protect surfaces’ under a zero-trust approach. Once protect surfaces within the network are identified, traffic across an organisation must be tracked in relation to the protect surfaces, to understand who a user is and what applications they are using.

Mapping user traffic, once the protect surfaces are defined, then allows the zero-trust approach to be implemented, protecting sensitive data and preventing users from moving freely across the business’s network.

So what? How does a zero-trust approach make remote working more secure?

A zero-trust approach to cyber-security is not dependent on one specific location, and with an organisation’s workers now accessing an enterprise network from anywhere, this is critical.

Users are now accessing critical data and applications from their homes, and once lockdown is in the past, perhaps from coffee shops, libraries, and multiple offices. A zero-trust approach can be implemented directly to user devices, or through the cloud, to ensure that the right people are accessing the right data or SaaS applications.

“With a remote workforce, zero trust becomes ever more important” – Kevin O’Leary, Palo Alto Networks’ field chief security officer in Asia-Pacific.

This mitigates the exposure that comes with a larger, wider attack surface by reducing the target area and limiting a threat’s ability to move through a network, whilst still allowing visibility over the multi-cloud environment, making remote working far more secure.

To give an example, with no barriers in place, your commercial team may have access to not only their files and systems, but also to the infrastructure team data, including firewall configurations. They won’t ever go near them, but a hacker using a compromised account might.

Finally, zero-trust tools can provide visibility into which users are accessing which applications, providing rich data to make informed decisions, run audits and investigate, if necessary.
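The per-request verification, protect surfaces and audit visibility described above can be sketched as a deny-by-default policy check. This is an added example, not code from the original post or from any product; the resource names, groups, users and the 15-minute re-authentication window are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed protect surfaces: resource -> groups entitled to reach it.
PROTECT_SURFACES = {
    "crm/customer-records": {"commercial"},
    "infra/firewall-configs": {"infrastructure"},
}
MAX_AUTH_AGE_S = 900  # assumed policy: re-verify the user every 15 minutes

@dataclass(frozen=True)
class Request:
    user: str
    group: str
    resource: str
    device_compliant: bool  # result of a device posture check
    auth_age_s: int         # seconds since the user last authenticated

def evaluate(req):
    """Verify each request on its own; network location is never an input."""
    allowed_groups = PROTECT_SURFACES.get(req.resource)
    if allowed_groups is None:
        return False, "unmapped resource (deny by default)"
    if req.group not in allowed_groups:
        return False, "group not entitled to this protect surface"
    if not req.device_compliant:
        return False, "device failed posture check"
    if req.auth_age_s > MAX_AUTH_AGE_S:
        return False, "authentication too old, re-verify"
    return True, "allowed"

def process(requests):
    """Return one audit record per decision, allowed or denied."""
    audit = []
    for r in requests:
        ok, reason = evaluate(r)
        audit.append({"user": r.user, "resource": r.resource,
                      "allowed": ok, "reason": reason})
    return audit

def denied_by_user(audit):
    """Summarise denials per user, the starting point for an investigation."""
    out = {}
    for rec in audit:
        if not rec["allowed"]:
            out.setdefault(rec["user"], []).append(rec["resource"])
    return out

# Constructed traffic; the second request is the commercial account
# reaching for firewall configurations, as in the example above.
SAMPLE = [
    Request("alice", "commercial", "crm/customer-records", True, 120),
    Request("alice", "commercial", "infra/firewall-configs", True, 130),
    Request("bob", "infrastructure", "infra/firewall-configs", True, 4000),
    Request("bob", "infrastructure", "infra/firewall-configs", False, 60),
    Request("bob", "infrastructure", "infra/firewall-configs", True, 60),
]

if __name__ == "__main__":
    for rec in process(SAMPLE):
        print(rec)
```

The commercial account is refused at the firewall configurations even though it is already inside the network, and the denial lands in the audit trail for later review.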

Pairing zero-trust architecture with AI and machine learning.

So, it is clear that a zero-trust approach is a great measure to take in securing the remote workforce and a business’ hybrid network, but how can we improve on this? As we have talked about in previous blog posts, AI and machine learning systems are essential in the modern day.

A zero-trust approach, matched with an AI and machine learning security solution, is a strong combination to protect the remote workforce and level up our cyber-security postures in the modern age. Zero trust will limit damage and contain threats if a breach were to occur, and the AI in Advanced Threat Detection (ATD) security systems is used to avoid being compromised in the first place.

But what are the uses of AI in cyber-defence?

To make a long story short, AI and machine learning security solutions, within cyber-security, are systems that constantly learn from their environment. AI can monitor behaviour across a hybrid network, the endpoint and the cloud, and collect data. It then learns from the data and the attacks it encounters and is able to easily combat any similar malicious activity. Machine learning is able to continually improve its defensive mechanisms.

What does this mean in terms of cyber-security? Well, AI is able to produce defence models at a far greater rate than any human would be able to. A human IT team may be able to produce a few good models a week, whereas an AI system can produce thousands.

The human touch, however, isn’t lost. AI and Machine learning systems are able to notify IT teams of malicious activity through digestible data feeds – feeds that are updated in real time with threat intelligence.

This won’t be a case of endless notifications and beeps either: the data feeds will only notify personnel of abnormalities that are important or unable to be contained. This prevents suspicious behaviours from going unnoticed in a long list, mitigating the risks.

This is important because, overall, the main asset of AI and machine learning systems to a business will be reducing the time and impact of cyber-attacks. The quicker an organisation is able to remediate a cyber-attack, and the smaller the impact of that attack, the less costly this event will be to the company.

In summary, digitalisation and remote working are here to stay, and in many ways, are the way forward. But to adapt to the changing digital landscape of multi-cloud environments, SaaS applications, larger surface areas, etc., organisations have to update and leave traditional cyber-security methods in the past.

A zero-trust approach to cyber-security, paired with an AI machine learning system, is the best way we can protect our business from cyber-crime in the new digital age of remote working.
