Where CISOs are quickly winning zero-trust today to save tomorrow’s budgets

Watch on-demand sessions from the Low-Code/No-Code Summit on how to successfully innovate and leverage citizen developers at scale. look now.

To protect their budgets from further cuts, CISOs are quickly winning to prove the value of spending on zero trust. It’s clear that technology stacks need to be consolidated and strengthened to protect multicloud infrastructure and keep endpoint sprawl in check. The more complex and legacy-based the infrastructure, the longer it may take for zero-trust to win.

Using third-party data as a guardrail

A common strategy to show how spending on zero trust protects revenue is supported by Guardel, or by using data from third-party research firms to validate- and lower-limit spending limits. CISOs cite data from Gartner, Forrester and IDC when hoping to protect their budgets while minimizing their costs. Forrester’s 2023 Security and Risk Planning Guide is a resource CISOs rely on to define guardrails and protect their costs.

The planning guide shows that data-loss prevention (DLP), security user behavior analytics, and standalone secure web gateways (SWG) are reducing on-premises costs, giving CISOs the data they need to shift costs to cloud-based platforms that are combined. These features.

Where CISOs are finding quick wins

Security and IT teams are working overtime to get quick wins and protect their budgets before the end of the year. Their budget savings will fund new automated apps and tools that will help them scale and keep more security under control next year. Many realize that if they can show results from baseline zero-trust projects, larger and more complex projects like microsegmentation and software supply chain security will be funded.


Intelligent Security Summit

8 Dec Learn the critical role of AI and ML in cyber security and industry specific case studies. Register for your free pass today.

Register now

>>Don’t miss our new special issue: Zero Trust: The New Security Paradigm.<

Here are quick wins for CISOs and their teams to protect their budgets and prove the value of zero trust to CEOs and boards scrutinizing enterprise costs:

Enabling multifactor authentication (MFA) is a simple quick win at first. Considered by many CISOs as a quick win that delivers measurable results, MFA is the foundation of many organizations’ zero-trust strategies. Forrester notes that enterprises need to aim high when implementing MFA and add what-you-get (biometric), what-you-do (behavioral biometrics), or what-you-have (token) factors to the know-how. (password or pin code) legacy single-factor authentication implementation.

Andrew Hewitt, a senior analyst at Forrester and author of the report, The Future of Endpoint Management, told VentureBeat that when clients ask how to get started, “the best place to start is implementing multifactor authentication. It’s about ensuring that enterprise data is secure.” can go a long way. From there, it’s enrolling devices and maintaining a strong compliance standard with Unified Endpoint Management (UEM) tools.”

Update and audit the configuration of cloud-based email security suites. CISOs tell VentureBeat they are leaning on their email security vendors to improve anti-phishing technology and better zero-trust-based controls for suspicious URL and attachment scanning. Leading vendors are using computer vision to identify suspicious URLs they quarantine and then destroy.

CISOs are quickly winning over cloud-based email security suites that provide email hygiene capabilities. According to Gartner, 70% of email security suites are cloud-based.

Market leaders are also leveraging vendor consolidation in this space as they improve their endpoint detection and response (EDR) integration. “Consider email-focused security orchestration automation and response (SOAR) tools, such as M-SOAR, or enhanced detection and response (XDR) that incorporate email security. This will help you automate and improve response to email attacks,” Gartner VP Analyst Paul Furtado writes, in a research note on how to prepare for ransomware attacks [subscription required].

Doubling down on training and development is a quick win that boosts zero-confidence skills. It’s encouraging to see that organizations are choosing to pay for training and certification to retain their IT and cybersecurity experts. Scaling every IT and security team member with zero-trust skills helps overcome roadblocks that can slow down implementation projects.

For example, there are more than 1,200 cybersecurity courses available on LinkedIn today. In addition, there are 76 courses focused on zero trust and 139 practical cybersecurity steps that can be taken immediately to secure systems and platforms.

Reset administrative access privileges for endpoints, apps, and systems to current administrators only. CISOs often inherit legacy tech stacks with administrative privileges that haven’t been reset in years. As a result, former employees, contractors, and support teams of current and past vendors often have system access. CISOs need to start by looking at who still has access privileges to Identity Access Management (IAM) and Privileged Access Management (PAM) systems. This is key to closing trust gaps across the tech stack and reducing the threat of insider attacks.

Security teams should start by removing all access privileges for expired accounts, then monitor and track all identity-related activity in real time. Kapil Raina, vice president of zero-trust marketing at CrowdStrike, told VentureBeat that “auditing and identifying all credentials (human and machine) to identify attack paths, such as from shadow administrator privileges, and automatically or manually adjusting a Good idea. Privilege.”

Similarly, Furtado writes that “to prevent account compromise it is best to remove users’ local administrative privileges on endpoints and limit access to the most sensitive business applications, including email.”

Increase the frequency of vulnerability scans and use data to better measure risk. Vulnerability management suites are not used to their full potential as organizations scan, patch, and rescan to see if patches fix a vulnerability. Instead use a vulnerability management suite to define and then measure a risk management program. Vulnerability management’s scanning data helps create the risk-quantification analysis that senior management and the board need to believe that cybersecurity is paying off.

For example, a current vulnerability management suite will identify hundreds to thousands of vulnerabilities across a network. Instead of turning these alerts off or dialing down their sensitivity, scan more and use the data to see how zero-faith investing is helping reduce risk.

The most effective vulnerability management systems integrate MFA, patching systems, and microsegmentation to reduce the risk of patching exceptions that lead to breaches.

Consider upgrading to an endpoint security platform that can deliver and enforce least-privileged access while tracking endpoint health, configuration, and intrusion attempts. Enforcing less-privileged access by endpoints, performing microsegmentation, and enabling MFA by an endpoint are some of the reasons organizations should consider upgrading their endpoint protection platforms (EPP). In addition, cloud-based endpoint security platforms monitor current device health, configuration and if there are any agents that conflict with each other and prevent breaches and intrusions.

Forrester’s Future of Endpoint Management report, mentioned earlier, covers self-healing endpoints; CISOs continue to budget for an area. Hewitt told VentureBeat that “most self-healing firmware is embedded directly into the OEM hardware. It’s worth asking about this in future procurement conversations when discussing new terms for endpoints. What kind of security hardware is embedded? Are there any players? What additional Can management gain benefits?”

Absolute Software, Akamai, BlackBerry, Cisco, Ivanti, Malwarebytes, McAfee, Microsoft 365, Qualys, SentinelOne, Tanium, Trend Micro, Webroot and many others have endpoints that can heal themselves autonomously.

Establish risk-based conditional access across all endpoints and assets. Risk-based access to applications, endpoints, or systems based on unusual behavior combined with device type, device settings, location, and dozens of other attributes is enabled within a least-privileged access session. Cyber ​​security vendors use machine learning (ML) algorithms to calculate real-time risk scores. “This ensures that MFA (multifactor authentication) is only triggered when the level of risk changes – ensuring protection without reducing user productivity,” CrowdStrike’s Raina told VentureBeat.

Budget defense with risk measurement

Behind these zero-trust quick wins that are prioritizing CISOs is the need to measure how each mitigates risk and removes potential obstacles as their organizations try to grow their business. CISOs who can show how current cybersecurity spending is protecting revenue — while gaining customer trust — are exactly what CEOs and boards need to know. Many IT and security teams are aiming for this goal. Capturing enough data to demonstrate zero trust reduces risk, avoids intrusions and breaches, and protects revenue streams. Often, zero-trust budgets are a single percentage of total sales, making the investment worthwhile for customer and revenue protection.

VentureBeat’s Mission To be a digital town square for technical decision makers to gain knowledge about transformative enterprise technologies and transactions. Discover our briefing.