Select Page

Zero-trust is up post-COVID-19, but you’d be wrong for thinking it will keep networks safe

CYBSAFE-SebDB Webinar-preblog-221011MS-36

6 August 2020

“Now a good chunk of your critical assets are behind the firewall, but all your employees are not.” 

That’s what NetMotion CEO Christopher Kenessey said recently. He was summarising the problem we’re all facing: All of a sudden, the working world has changed. How can we secure our networks in the new working world?

The rise of zero-trust

According to Dark Reading, many are turning to zero-trust security models Under the model, security pros treat everyone as potentially compromised at all times.  And they continuously check to see if that’s the case. It’s a smart ploy. Verifying rather than trusting helps detect threats sooner. But still, is it really enough?

No silver bullets

In security, there is no such thing as a silver bullet.  That’s why almost all of us take a layered approach to security. Almost all of us use multiple safeguards to protect the same thing. We use passphrases and app-based authentication. We install firewalls and antivirus software. We enlist spam filters and simulated attacks. So don’t get us wrong: in the post-COVID world, zero-trust is an extremely good thing. But zero-trust tasks a small handful of people (like the IT or security team) with spotting attacks.  Can we not enlist our people to help?

Recruiting our people

With borderless security awareness, our people help us spot and stop attacks.  Yes, people are increasingly “working from anywhere”.  And yes, things like security posters, seminars and e-learning have lost gravitas. But we must keep in mind that our people are still our greatest asset. Borderless security awareness recognises two things. It recognises that COVID-19 has erased more than just the border between homes and offices. COVID-19 has also erased borders curtailing protected networks, security policies, ambitions and mindsets. And it recognises that our people can be our greatest cyber defence. We’ve written about borderless in detail here. In short, borderless flips the traditional model for security awareness on its head. It grants people the information they need whenever they need it, wherever they are. That means real-time support.  Not a training seminar six months before an attack. Not an annual dose of compliance-based e-learning. Here’s how borderless looks in practice.

A borderless approach for a borderless world

Post-COVID, it’s clear we need a new approach to addressing the human aspect of security.  We need ingenuity. We need to rethink things.  As was the case pre-COVID, we need to verify rather than trust. We do need zero-trust models. But we also need a new approach to security awareness fit for the way we now work. Post-COVID, we need borderless security awareness.

Behave Hub newsletter CybSafe

Do one more thing right today. Subscribe to the Behave newsletter

You may also like

Maximizing security awareness engagement: How the pros do it

Maximizing security awareness engagement: How the pros do it

Ditch mandatory training, starting riiiight…now!Want to boost security awareness? Talk about something else entirelyGet serious about funThe top mic-drop insights from our Cybersecurity Awareness Month engagement webinar We know people whose organizations make a big deal of CAM are much more...