Rethinking cybersecurity attacks and how to manage them
11 July 2021

Attacks are going to happen. As sure as the sun rises in the East and sets in the West, you can trust that an attempt on your network at one point or another is inevitable. Check Point Research estimates there has been an astounding 97% year-on-year increase in cyberattacks on EMEA organizations in May 2021, and 21% increase since beginning of year. However, accepting the inevitable should be viewed as a position of strength rather than vulnerability. As the saying goes, when you know the punch is coming, you’ll prepare to block.

In a recent cybersecurity podcast, John Kindervag, the creator of zero-trust and Former Field CTO at Palo Alto Networks, highlighted the importance of shifting focus from worrying about the attack surface to securing the protect surface. In placing the protect surface at the centre of security policy, it enables an organisation to design cybersecurity systems from the inside out as opposed to from the outside in. Through his DAAS Elements principle, Kindervag emphasises the importance of having a clear picture of what needs to be protected then proceeding to conduct the appropriate measures to do so.

Unpacking the protect surface: what, where, who?

According to Kindervag, the fundamentals of defining the protect surface begin with ascertaining ‘what’ data is integral to the organisation and needs to be protected. This places data as opposed to infrastructure at the forefront of activities. In doing so it empowers organisations to start focusing on a smaller focal point which in turn capacitates them to optimise their finite resources.

Secondly, understanding the ‘where’ of data is key to mapping out your organisation’s protect surface. Data is exponentially more vulnerable when it is in motion. And so, when the movement of data packets is plotted, securing those channels should be added to the priority list that encompasses the protect surface.

Lastly discerning the ‘who’ component is the final aspect of illustrating your organisational protect surface. Recognising who should have access to data and assets at any given time equips the network managers to grant appropriate user rights. This is vital to minimising the scope of un-permitted access.

The DAAS Elements principle

As an extension of protecting the things that matter, Kindervag unpacked the DAAS Elements principle which denotes the key fundamentals in the security cluster that need to be safeguarded. These are defined as:

Data: In particular, important, and sensitive data such as credit card & financial data, health data, personal information, and intellectual property.

Applications: These are the programs and systems that are the backbone to your organisation such as CRM (Customer Relationship Management), HR (Human Resources), and ERP (Enterprise Resource Planning).

Assets: This defines the organisational infrastructure such as IT (Information Technology), IOT (Internet of Things), IIOT (Industrial Internet of Things) and IoMT (Internet of Medical Things).

Services: These are the fragile components of the organisation such as DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol)  and NTP (Network Time Protocol), that when compromised vastly impact your enterprise’s ability to operate.

And so, one DAAS element should equal one protect surface and from there a zero trust environment can be built around this element. This is how you invert the approach to cyber security.

Reimagine your system approach

Change is often met with resistance even in the most agile of organisations. However, reimagining as opposed to redesigning systems is an ideological shift that is often times more palpable to an organisation that is in agreement of their core mandate, protecting that which matters.

And so it is with that in mind that Kindervag advocates for the constant rethinking of how we view, approach and deploy our cybersecurity solutions. That is how organisations will continue to keep that essential one step ahead of attackers.

About DataGroutIT

DataGroupIT is Africa’s leading Value-Added Distributor (VAD). By partnering with the best selection of established and emerging technology vendors across the globe, we, provide complex solutions for any size business, including Enterprise and SME markets across the African continent.

Our product portfolio offers comprehensive solutions for IT Security, Infrastructure and Enterprise Software.

We are fully committed to our business partners. Channels & vendors success is our #1 mission. Our professional teams across Africa deliver exceptional sales, presale, logistic, marketing and financial support that create the ultimate platform to accelerate our business partners’ success.

Post by: DGITUser
More Articles from Articles | Data Security
A simple guide to adopting Zero-Trust

A simple guide to adopting Zero-Trust

Implementing cybersecurity best practice in your organisation should always be viewed as a journey and not an event. The on-going process requires regular revision, adaptation, and evolution. One of the most recent steps in improving organisational...

read more