The White House Adopted a Zero Trust Ransomware Defense. Here’s Why You Should Too.

Kevin Nix

June 21, 2021

Colonial Pipeline. JBS. The Washington D.C. Police Department. The ransomware headlines have been nearly nonstop in recent months. The rapid growth has, in large part, been due to the pandemic and more employees working from home, and it’s only going to increase in volume and severity according to Verizon’s 2021 Data Breach Investigation Report. The move to work from home expanded perimeters (i.e. deperimeterization) and these new configurations will continue to cause security issues.

The recent ransomware executive order signed by U.S. President Joe Biden mandates that the government put a Zero Trust Architecture (ZTA) in place and calls for significant steps to modernize federal networks and improve data sharing between the U.S. government and the private sector. This order rightfully puts cyberattacks on par with other terrorism attacks and the government is urging all businesses to immediately put certain security precautions in place, including multifactor authentication and employing a skilled security team.

Although it’s a strong statement, it can only do so much. In fact, the White House announcement acknowledged that “federal action alone is not enough.” As more organizations face this cybersecurity nightmare, businesses need to get serious about building proactive cybersecurity strategies to stay a step ahead of bad actors. 

With credentials and personal data a favorite target across industries, prioritizing identity and privilege management is essential. A ZTA, which relies on trusting nothing by default both inside and outside of the system, further strengthens organizations’ defenses against ransomware and, should the worst happen, can significantly lessen the impact. 

Automate for More Secured Systems

What’s the most common source of ransomware breaches? Human error. Whether it’s a stolen password or sneaking in through a forgotten account with privileged access, most hacks can be tied to small mistakes. While you can’t remove all missteps, you can minimize the opportunity for them by automating critical access processes.

A Zero Trust Architecture plus an identity and access management (IAM) solution like Hitachi ID Bravura Identity can more securely grant access (and restrict it) with automated provisioning and de-provisioning. By replacing the need for passwords, you remove the opportunity to hack, or socially engineer, creating a stronger system overall. 

Discover Vulnerabilities Before They Become Breaches

To maintain Zero Trust (ZT), organizations can’t simply be reacting to attacks, they need to get ahead of them with predictive technology. Solutions like Hitachi ID Bravura Discover can help businesses identify security threats by continuously scanning your systems to uncover hidden vulnerabilities in accounts, groups, entitlements, and metadata. This proactive measure allows companies to remediate security risks and avoid larger attacks.

Minimize Vulnerabilities With Strong Integrations

Strong, reliable integrations are an important piece of any system. Falling short can create significant vulnerabilities and opportunities for malware to sneak between the cracks. Adding insult to injury, clunky integrations can seriously slow processes, which often leads to end users taking shortcuts. This only furthers the cycle of system weaknesses. 

Companies need to stay ahead of this by building seamless integrations and preferably implementing solutions that offer many of their cybersecurity solutions in one place (rather than stitching together multiple solutions). 

Hitachi ID offers the world's largest collection of connectors. Learn more  here.

Fortify Your System With an Integrated Solution

Another important element of ZT that’s particularly important in protecting against malware is streamlined visibility via one unified interface. Achieving this can be challenging, but with the right solution, like the Hitachi ID Bravura Security Fabric, it’s possible. Quick, efficient, and complete access for administrators (paired with default access limitations for all users) makes it easy to quickly spot abnormalities, providing protection against all kinds of attacks, including ransomware. On the flip side, when these views are split between different solutions or access points, it becomes challenging to see when things are out of the ordinary and can make spotting an attack almost impossible until it’s too late.

Stay a Step Ahead

In 2020, more than 300 million ransomware attacks occurred worldwide. That number is expected to only increase in 2021 — a scary proposition for any organization. Not only are there more, but the targets of attacks are expanding, including IoT, healthcare, manufacturing, and more. By being proactive and taking steps toward a ZTA today, businesses can get ahead of these malware attacks and, should the worst happen, set them up to respond quickly and effectively.

Download our free webinar Top Cybersecurity Outcomes a Zero Trust Model Delivers to learn more about how Zero Trust can protect organizations against the growing threat of ransomware.

Download the Webinar