Zero trust in business cyber security

In this environment, the likelihood of a ransomware encounter in any medium or large organisation is far greater. An organisation’s defensive strategy must anticipate these events and limit what a single compromise can yield to the attacker.

That requires both limiting the amount of data accessible from any given device or account and investing in ways to detect and respond faster.

A zero-trust approach

According to the ITRC, the current threat environment warrants a “zero-trust” approach to security. That means always verifying access to a system or to data.

Zero-trust is about getting back to information security basics. It recognises that it is no longer sufficient to decide whether a device or user is trustworthy based exclusively on whether it has previously authenticated to an internal network.

It also recognises that modern approaches to identity and access management can enforce the “principle of least privilege” without imposing additional friction on users.

Users and devices must instead authenticate every time they access applications and data, and every authentication should assess a broader set of contextual information about the request. This…
