This is part of a running series on #DataPrivacyDay.
Jeff Hussey, President, CEO and Co-Founder of Tempered Network:
"On Data Privacy Day 2021, organizations have never been less secure from an ever-expanding list of cybersecurity threats and attack vectors. The sophistication of malware and the vulnerabilities of ever increasingly complex systems comes at a time when the once secure perimeters of enterprise organizations are dissolving and more and more smart devices are becoming connected and sharing private or mission-critical data over mobile, cloud and public networks. The recent hack of dozens of Solar Winds customers by compromising an extremely trusted network management application, giving attackers access to an entire network and potentially all applications, is causing organizations to rethink what they can do against such potential threats.
Quite frankly, the ubiquitous five decades old TCP/IP network protocol was never designed for this. Network security solutions like firewalls, VPNs, and access control systems that have plugged the holes in TCP/IP are not able to keep up. Although they have gotten more sophisticated over time, these devices have become extremely bloated and difficult to manage, expensive to deploy throughout the network, and are providing inadequate security against today’s emerging threats and access requirements. A better, more fundamental approach is required…
Organizations have been trending for the last several years to a more pervasive security approach called Zero Trust architectures, sometimes called a Software Defined Perimeter (SDP) solution. This approach turns traditional security methodology around from blocking what is not permitted, to trusting virtually nothing on your own internal network, and explicitly allowing specific communications between devices. This “whitelisting” approach can make the network much more secure, stop the spread of malicious malware from an initially compromised system, and adapts easily to a dissolving network perimeter as more remote access and shared data requirements emerge. To be successful, organizations need to select a Zero Trust architecture that overlays on top of their existing network infrastructure to avoid high costs and forklift upgrades. It also helps to centralize security policy management into a single controller system that spans multiple security services, device types and network protocols that can reduce complex security management overhead and keep the network more agile to changing business and access needs."