CYBERSECURITY CHALLENGES: Only a zero-trust mindset works – Industry News | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

By Anand Jethalia

Over the Last two years, the digital footprint of organisations has experienced a tremendous surge, resulting in data fragmentation and growth across various applications, devices, and locations. This has provided cybercriminals with multiple entry points to infiltrate systems through vulnerabilities in applications and devices. So, how do we navigate the world of hybrid work? The answer lies in adopting a comprehensive security approach. It involves embracing a zero-trust mindset, leading with the cloud, and investing in people.

Zero Trust: A proactive approach
A Zero Trust strategy should be at the forefront of every organisation’s security strategy. Zero Trust is a proactive and integrated approach that relies on intelligence, advanced detection, and real-time threat response. Multi-factor authentication is an example of security measures that align with Zero Trust principles and can help block up to 99.9% of account compromise attacks. In a world where identity is the new battleground, adopting a Zero Trust strategy is no longer an option, but a business imperative.

Elevating cloud security
Multi cloud environments multiply the complexity of securing identities and permissions. Many organisations struggle with visibility and control over these evolving aspects. According to Microsoft’s Cyber Signals report, over 80% of ransomware attacks today can be traced to common configuration errors in software and devices. Cyber risks persist and adapt, emphasising the need for comprehensive, integrated, and cloud-powered defenses, driven by automation.
While many organisations consider it too costly to implement enhanced security protocols, security hardening actually saves money. Approaching cloud security from an end-to-end holistic perspective should be a priority since attackers target organisations rather than endpoints or identities.

Investing in people
Collaboration is the key to meeting the cybersecurity challenge, demanding a blend of human expertise, processes, and technology. Organisations must continually assess their risk tolerance and operational capabilities, through a combination of human effort and technological solutions. Ensuring that employees are aware of the security risks associated with storing data in cloud services and are trained in best practices for securing data is pivotal. This includes regular security awareness training and policies for reporting suspicious activity.

Finally, it is crucial to recognise that security is a team sport. We must come together as a cohesive ecosystem, uniting public and private sectors, policy think tanks, and civil society to navigate the complex digital landscape and ensure the safety of all stakeholders. In this era of hybrid work, robust cybersecurity is not just a choice; it is our shared responsibility to forge a secure and resilient digital future.

The writer is country head – cybersecurity, Microsoft India and South Asia