Too many people with unbridled access to critical data and legacy software that is no longer supported are the exact vulnerabilities cybercriminals exploit and the perfect ingredients for an unforeseen IT outage
RIEGELSVILLE, Pa. (PRWEB)
June 19, 2023
What makes a business an enterprise? The name itself suggests something bigger, something vast and far-reaching. However, enterprises come in many sizes, but what they have in common, large and small, is dispersion. The business may have multiple locations, levels, departments, divisions, and subdivisions that must work together to achieve the company’s goals.(1)
Enterprise is also a strategy, one focused on what is best for the business to make it succeed; it’s about risk and reward. And the more human and technological resources employed when running an enterprise, the more vulnerable the reward is to risk. And the leading risks to businesses worldwide from 2018 to 2023 were cyber incidents — cybercrime, cyberattacks, IT failures and outages, and data breaches.(2)
Walt Szablowski, Founder and Executive Chairman of Eracent, which has provided complete visibility into its large enterprise clients’ networks for over two decades, observes, “Enterprise corporations often distribute management responsibilities into organizational silos that lead to fragmented communication. The same tends to be true when handling their cybersecurity. Effectively managing and protecting critical data across an enterprise computer network requires the constant communication and vigilant oversight found in Zero Trust Architecture.”
Zero Trust Architecture, as its name implies, is a cybersecurity initiative designed to create failsafe mechanisms along a software supply chain that treat every elemental component as a potential threat to the entire network, like the bouncer at the front door of an exclusive club; everyone and everything is vetted prior to entry. And it would appear that corporations are on board with the idea. An Optiv Security survey of corporate cybersecurity leaders showed that everyone, 100% of respondents, agreed that Zero Trust Architecture was at least “somewhat” to “critically important.” Despite the overwhelming support, only 21% have actually adopted the zero-trust model within their enterprise. So what’s the disconnect? Respondents cited too many stakeholders (47%), too many legacy (super-old) software components (44%), and a lack of internal experts who could pull it off (39%).(3)
Szablowski notes, “Ironically, all of these are the precise reasons enterprise corporations need to run, not walk, to implement Zero Trust Architecture. Too many people with unbridled access to critical data and legacy software that is no longer supported are the exact vulnerabilities cybercriminals exploit and the perfect ingredients for an unforeseen IT outage.” In the IBM Cost of a Data Breach Report, the average cost of a data breach reached its highest point in 2022, $4.35 million, a 2.6% increase from 2021. And 83% of organizations have had more than one breach.(4) The research firm Markets and Markets predicts the global market demand for products that support Zero Trust Architecture will increase from $19.6 billion in 2020 to 51.6 billion by 2026.(5)
Despite the increasing adoption of Zero Trust Architecture, IT research firm Gartner reports that only 1% of organizations currently have a mature security program that truly meets the definition of Zero Trust, predicting only 10% will meet the criteria of a mature zero-trust framework by 2026.(6)
The comprehensive and framework-based Zero Trust Resource Planning™ (ZTRP™) management process from Eracent supports and facilitates an effective implementation of Zero Trust Architecture with complete visibility on a single management and reporting platform in an auditable, repeatable, and evolving process. The Zero Trust marketplace has been inundated with random tools with niche functionality, such as software license management or security, that address some, but not all, of the necessary aspects of the Zero Trust security model.
To establish and maintain a comprehensive data foundation that supports security initiatives, an enterprise discovery process must be able to cover 100% of physical and virtual endpoints, servers, installed software and hardware, and application- and component-level vulnerabilities, such as the ones that can be identified by using a Software Bill of Materials (SBOM). Implementing the latest and greatest cybersecurity tools will not provide adequate and complete protection without establishing a strong foundation, full network visibility, and well-managed and automated processes.
Szablowski explains, “Zero Trust Architecture is not a one-and-done. It cannot merely exist as a concept. It needs a structure and real-time audit and risk analysis. For absolute and unwavering protection, the entire scope of the network, what it contains, and what needs to be protected must be clearly defined to fit each enterprise’s unique needs, taking into account their highest risks and priorities.”
Walt Szablowski is the Founder and Executive Chairman of Eracent and serves as Chair of Eracent’s subsidiaries (Eracent SP ZOO, Warsaw, Poland; Eracent Private LTD in Bangalore, India, and Eracent Brazil). Eracent helps its customers meet the challenges of managing IT network assets, software licenses, and cybersecurity in today’s complex and evolving IT environments. Eracent’s enterprise clients save significantly on their annual software spend, reduce their audit and security risks, and establish more efficient asset management processes. Eracent’s client base includes some of the world’s largest corporate and government networks and IT environments. Dozens of Fortune 500 companies rely on Eracent solutions to manage and protect their networks. To learn more, visit http://www.eracent.com/ztrp.
1. Can I use enterprise in my business name? UpCounsel. (n.d.). Retrieved May 4, 2023, from upcounsel.com/can-i-use-enterprise-in-my-business-name
2. Rudden, J. (2023, January 30). Biggest business risks globally 2023. Statista. Retrieved May 4, 2023, from statista.com/statistics/422171/leading-business-risks-globally/
3. Staff, V. B. (2022, February 15). Report: Only 21% of enterprises use zero trust architecture. VentureBeat. Retrieved May 4, 2023, from venturebeat.com/security/report-only-21-of-enterprises-have-adopted-zero-trust-architecture/
4. IBM – United States. (n.d.). Retrieved May 5, 2023, from ibm.com/downloads/cas/3R8N1DZJ
5. Violino, B. (2022, March 1). Why companies are moving to a ‘zero trust’ model of cyber security. CNBC. Retrieved May 4, 2023, from cnbc.com/2022/03/01/why-companies-are-moving-to-a-zero-trust-model-of-cyber-security-.html
6. 06, R. L. | F. (2023, February 7). Companies struggle with Zero Trust as attackers adapt to get around it. Data Center Knowledge | News and analysis for the data center industry. Retrieved May 4, 2023, from datacenterknowledge.com/security/companies-struggle-zero-trust-attackers-adapt-get-around-it