Zero trust closes the end-user gap in cybersecurity

Specifically, 68% of respondents are worried about cloud applications and data being attacked by malware, ransomware, and phishing. While 55% don’t feel confident that their cloud security is properly configured, 59% believe they have the proper controls in place to secure the cloud. About one in three respondents said adequate staff training in cybersecurity was a challenge.

End user attacked

Keri Pearlson, executive director of research consortium MIT Cybersecurity at MIT Sloan (CAMS), says the weakest link in any IT security strategy has always been people. CAMS studies organizational, managerial and strategic issues in cyberspace. “It only takes one person to click on the wrong email or wrong link or install the wrong program and the systems will be infected. It’s not just end users in the traditional sense, but everyone who interacts with our systems. Pearlson says: Every person who interacts with the system is a point of vulnerability.

Salvi said that while typically more than 99% of system security measures are handled by IT, the fraction of user-facing security threats is responsible for nearly 19 out of 20 cyberattacks. .

“It all started through phishing emails,” says Salvi. “They’re trying to get the key rather than break the lock.” Some phishing attempts can fool even vigilant users, masquerading as urgent messages from HR or the C-suite. Dynamic lockdown puts end-users in a position where more damage can be done, and security strategy is adjusted quickly.

graphic quote

In contrast to traditional end-user security models, a user’s first login into an untrusted environment — even once confirmed by fingerprint, face scan, or multi-factor authentication — not the end of surveillance. Once in, zero trust follows discreetly as users move through the cyber day, making sure they don’t do something nefarious and don’t mistakenly click on a link that opens the door to hackers. Except for the occasional re-authentication request, the user won’t notice zero trust unless it decides it can’t trust you and locks you out from somewhere you want to go.

“I don’t need to depend on users to do the right thing for security to work,” says Salvi. “They don’t have to remember a complicated password or change it every three months or be cautious about what they download.”

Download full report.

This content is produced by Insights, the custom content arm of MIT Technology Review. It was not written by the editorial board of the MIT Technology Review.

Source link


Kig News: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button