Cybersecurity is an evolving, moving target. No IT support provider can install security measures and then forget about them for ten years – it just doesn’t work that way. Cybercrime never sleeps and it never stops developing new ways to break into network systems.
Sure, you have next-generation firewalls and antivirus, but that has never been enough. It is a great advantage that commerce can move at the speed of your bandwidth, but it does not come without dangers or costs.
Gartner has released its yearly report on the top Information Technology trends and recommendations for 2022, and Cybersecurity Mesh Architecture (CMA) is the #2 strategic trend.
Gartner’s #1 trend is Data Fabric Architecture. While this is important in terms of streamlining data management, and IT Support LA, as a Managed IT Services provider, may well recommend this for clients to consider as a way to boost their communications and data flow, but in terms of proactive maintenance and protection, security remains one of our main areas of focus.
What is a Cybersecurity mesh?
Cybersecurity mesh is a strategy used for cyber defense that separately secures each device such as firewalls and network protection tools with its own perimeter. Common among security strategies is the use a single perimeter for the entire IT environment.
Think of your network as a castle. The old way was to have a thick stone wall around the perimeter, and maybe a moat. Once the outer wall is breached, attackers can easily access any area within the wall.
A security mesh adds to the outer wall with independent, scalable protections for each area inside. The kitchen does not need the same level of security as the armory or the King’s quarters. This is a way of putting your protections where they are most needed, and not enabling the collapse of one to be intertwined with the collapse of another.
This modular approach is a break from the old fully centralized IT model. Overall security policy management is still centralized, but the enforcement of security is distributed to each individual department within the company for administration. It allows for smaller individual perimeters with degrees of access and security to be based on the sensitivity of that department’s data.
In effect, this eliminates the old pattern that, once a network is breached, the hackers are free to go anywhere they want. Now crooks find that once they manage to get in, their highest value targets have the highest security.
Zero Trust: The Ruling Principle
Zero Trust (ZT) is nothing new. The concept was created in 2009 by John Kindervag of Forrester Research based on the simple notion that trust is a vulnerability. He posited that going forward, security measures must be designed with a strategy of “Never trust, always verify.” Despite early resistance from organizations that felt it was too cumbersome, costly, and time-consuming, it has steadily gained favor and acceptance as a ‘must have.’
If the IT Support Los Angeles community is representative of the global attitude towards Zero Trust, IT services worldwide would have been championing ZT to their clients from day one.
ZT is not a single technology, but a strategic philosophy – a set of policies and procedures that allow no one inside or outside of an organization to be granted access to any network resource or device without rigorous and continuing authentication and verification. Anyone attempting to gain access is guilty until proven innocent.
It is just this Zero Trust standard that causes certain websites and apps to compel you to enter your phone number so that a code can be texted to you – which you must enter before access is granted. Most smart IT services providers are well beyond demanding a simple password to gain entry. Multi-Factor Authentication should be the norm, although many organizations are slow to add this to their security armor.
With comprehensive Zero Trust architecture in place, micro-perimeters are set up around sensitive areas of data, and CMA is a key component. Zero Trust is the strategy and CMA is an important tactic.
Frequently Asked Questions
Q: What is the importance of cybersecurity mesh for businesses?
A: Employing CMA gives the greatest level of protection to the life blood of any enterprise: data. It ensures that all equipment, systems, and data are treated equally in terms of access. The levels of protection are determined by the needs of each department, which relies on its own security perimeter, and are set by departmental management to reflect its own security requirements.
Look back at the first Mission Impossible movie. The most important data at CIA headquarters in Langley was stored in the computer with NO internet access, signifying the most serious protective measures for the most sensitive information. It certainly stands to reason that this level of security needed to be much more stringent than what was required for the motor pool or cafeteria.
Gartner’s Top 8 security predictions for 2021-2022 cite that by 2024, organizations that have adopted CMA will “… reduce the financial impact of security incidents by an average of 90%.”
Q: What are the 4 principles of Cybersecurity?
A: These are the 4 universally accepted principles:
1) Govern: The identification and management of security risks.
2) Protect: The implementation of controls to reduce security risks.
3) Detect: The detection and understanding of cyber security events.
4) Respond: In-place mechanisms to respond and recover from security incidents.
Q: How much did cybercrime increase in 2021?
A: 2021 saw the highest percentage increase and overall number of attacks ever seen in cybercrime. Check Point Research released the results of their analysis which shows that from mid-2020 throughout 2021, there was a 50% increase in the number of attacks against corporate networks.
Q: How many cyber crimes are committed each day?
A: Based on reports covering the first quarter of 2022, the number of attacks on U.S. business alone tops 4,000 per day, and that number continues to grow at an alarming rate. Small (1 – 250 employees) suffer the highest percentage of attacks. 43% of successful security breaches are against small businesses.
How secure is your network?
IT Support LA offers a FREE, no-risk network and security assessment. No strings, no obligation.
Just fill out the form on this page or call us at:
818-805-0909
