Friday , September 6 2024
Zero trust

CISCO report
Globally, 9 in 10 organizations embraced zero-trust security

Nearly 90% of organizations have started adopting zero-trust security, but there is still a lot of work to be done, says a report from CISCO.

86.5% of global information security professionals have begun implementing parts of the zero-trust security model. However, only 2% have completed their deployments.

Cisco released security updates for two critical security flaws

CISCO released security updates for two critical security flaws impacting its smart Licensing Utility that could allow unauthenticated, remote attackers...
Read More
Cisco released security updates for two critical security flaws

OpenBAS: Cutting-edge breach and attack simulation platform

OpenBAS is a platform that helps organizations to plan, schedule, and conduct crisis exercises, adversary simulations, and breach simulations. OpenBAS...
Read More
OpenBAS: Cutting-edge breach and attack simulation platform

Critical Security Flaws Patched in Zyxel Networking Devices

Zyxel has released software updates to fix a serious security issue in certain access point (AP) and security router versions....
Read More
Critical Security Flaws Patched in Zyxel Networking Devices

CVE-2024-38811: CEV In VMware Fusion Unveiled

VMware released a security advisory for a major vulnerability in the VMware Fusion product. This vulnerability could be exploited by...
Read More
CVE-2024-38811: CEV In VMware Fusion Unveiled

CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

Indian Computer Emergency Response Team (CERT-IN) issued advisories about multiple vulnerabilities in various Palo Alto Networks applications. Attackers could exploit...
Read More
CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

How Malaysia’s Data Centre Industry Poised for Growth

Malaysia is quickly becoming a leading choice for investing in data centers. It aims to generate RM3.6 billion (US$781 million)...
Read More
How Malaysia’s Data Centre Industry Poised for Growth

RansomHub exfiltrated data over 210 victims: US alert

US authorities have issued a cybersecurity advisory about a ransomware group called RansomHub. The group is thought to have stolen data...
Read More
RansomHub exfiltrated data over 210 victims: US alert

Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

There is a new way to attack Atlassian Confluence using the vulnerability CVE-2023-22527. The Confluence Data Center and Server products...
Read More
Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

New Cicada ransomware targets VMware ESXi servers

The Cicada3301 ransomware is made in Rust and attacks Windows and Linux/ESXi hosts. Truesec researchers examined a version that targets...
Read More
New Cicada ransomware targets VMware ESXi servers

Monday hits two UK bank apps causes outages

Lloyds Bank and Virgin Money's internet banking services were down on Monday, causing trouble for users to access and view...
Read More
Monday hits two UK bank apps causes outages

Cisco measures maturity based on four “pillars”:

  • Identity, which includes multi-factor authentication (MFA)
  • Device, which includes continuous validation of users’ devices
  • Network and workload, which includes network detection and response, as well as micro-segmentation
  • Automation and orchestration, which includes security orchestration and automated response (SOAR)

ALSO READ:

Windows hello fingerprint auth bypassed on Microsoft, Dell, Lenovo laptops

Organizations don’t need to implement all four pillars of zero trust to see benefits. For instance, completing the identity pillar lowers the risk of ransomware events by almost 11%. Completing the network and workload pillar reduces the likelihood of malicious insider abuse by 9%.

Organizations that have implemented all four pillars have a big payoff. Only 2% of the survey sample falls into this category. These organizations are two times less likely to report security incidents compared to those who are just starting their zero-trust journey. To read the full report click here.

Big jump toward zero trust:

Survey results this year show that organizations are becoming more aware and mature regarding the concept of zero trust. This was noted by J. Wolfgang Goerlich, a Cisco Advisory CISO.“In past studies, a significant part of the sample said they had zero trust in place and were good to go.”

“This year we dug into the technology stack and asked them what technologies they were using, what zero trust aspects have they deployed,” Goerlich continues. “In doing that, our findings went from a large percentage of people saying they deployed zero trust to 2% saying they made progress across all the pillars. That reflects a maturation in security and IT leaders’ understanding of zero trust. Two years ago, people would say, ‘I did identity. I’m good.’ Now that they’re into a real strong push behind zero trust, they’re realizing they need device controls, network coverage, and automation and orchestration.”

“The more organizations know about zero trust, the less they feel competent in zero trust,” Goerlich adds. “The more they learn, the more they realize they need to go further.”

 

Check Also

TD Bank

Bank employee accessed customer data: affect 41 bank clients

A bank employee accesses the personal information of several dozen customers. The person did that …

Leave a Reply

Your email address will not be published. Required fields are marked *