Since the COVID-19 pandemic began, the number of endpoints to defend has exploded as government employees started working remotely. These endpoints include devices such as laptops, smartphones and tablets, and they are leaving agencies more vulnerable than before. Going forward, the more endpoints agencies have, the more targets they will present to cyberthreats.
According to Rich Thompson, Vice President of Global Sales Engineering at enterprise software firm BlackBerry Limited, agencies aren’t helpless against this trend. Thompson gave agencies three pointers for protecting themselves with zero trust cybersecurity, which assumes everyone and everything on IT networks is potentially threatening.
1. Expect human error
Humans are not perfect, and the mistakes they will inevitably make should factor into cybersecurity. Subsequently, expecting missteps can help guard agency resources better.
“Every time you increase friction on the user, they’ll find ways around it or not use it,” he said of agencies’ applications. “If I lock it down, nobody would have access to it, but it would be 100% secure.”
Thompson argued a zero-trust, risk-based approach to cybersecurity can effectively balance how employees work with the data their agencies must defend.
2. Turn to zero trust
Zero trust cybersecurity addresses de-perimeterization, or the gradual erosion of network boundaries. With zero trust, users must be capable of securely accessing data from anywhere no matter where it resides. To accomplish this, agencies must assume external and internal threats constantly exist on their endpoints and networks.
“Zero trust is an aspirational goal,” he said. “It is the freedom to be productive and secure from anywhere in the world.”
Using zero trust, agencies must authenticate and authorize every device, network flow and user accessing their data. Agencies should practice zero trust dynamically, using their latest information about potential security threats.
3. Leverage machine learning
Machine learning happens when computer algorithms “learn” how to perform functions using data. Machine learning can help agencies practice zero trust more efficiently. By analyzing data, these machines can inform security personnel about which threats deserve the most attention.
“Machine learning’s greatest gift to the world is to provide data at scale in real time,” Thompson said. “The machines can take care of themselves if given the proper data. It’s more work than a human can do and on a quicker scale.”
Aided by machine learning, humans can make more informed decisions about how to improve cybersecurity faster. For instance, machine learning can alert agencies about suspicious email attachments in real time. Additionally, solutions such as those BlackBerry Limited provides can aid agencies with practicing zero trust agencywide.
“The only way to achieve strong zero trust cybersecurity is with machine learning,” Thompson said. “This area of technology continues to grow and evolve, transforming zero trust from aspiration to reality for both security teams and end users.”