By Russell Tal, Alliance Marketing Manager
In the first part of this three-part blogpost series, we discussed how the pandemic has drastically accelerated adoption of cloud technologies like Microsoft Azure, and how cyber criminals are keen to exploit new vulnerabilities created by a newly remote workforce. This second part will focus on recommendations for defensein-depth strategies, zero-trust security models, and new approaches to secure cloud-enabled and remote workforce deployments from advanced cyber threats.
Recommendations for addressing advanced security threats
In this blogpost, Check Point makes many recommendations for dealing with the cyber security challenges that were outlined in Part One.
Check Point has worked with organizations of all sizes using many deployment models, especially as they transition to cloud technologies like Microsoft Azure. Our recommendations often combine a defense-in-depth strategy with a zero-trust model to layer security into their existing infrastructure and applications, putting measures in place to prevent sophisticated cloud-based threats without sacrificing the performance, scalability and efficiency of Microsoft Azure.
The rise of the practical applications of artificial intelligence (AI) and machine learning (ML) automate complex security processes. We will discuss how AI-enabled security can be enhanced while eliminating manual fine-tuning (and the security gaps that often result).
Defense-in-depth strategies to secure the enterprise
Defense-in-depth has been a cybersecurity concept for over twenty-five years, based on the centuries-old military strategy where the goal is to delay and weaken advance of an attack, rather than beating it with one massive line of defense.
When protecting a castle, one has to get through the protected layers of the moat, ramparts, drawbridge, towers, battlements, and so forth. In cybersecurity, defense-in-depth strategy layers series of security mechanisms and controls throughout a computer system to protect the confidentiality, integrity, and availability of the network and the data within. In on-premises environments, implementing firewalls (e.g., Check Point Security Gateways) has been a highly-recommended first line of defense for decades. Additional layers of security measures, such as deploying intrusion prevention and/or detection systems, endpoint detection and response (EDR), network segmentation, the principle of least privilege, strong passwords, and patch management are often recommended.
Zero trust model: Never trust and always verify
While defense in depth is important, it can only take you so far. In today’s digital, cloudified, distributed, and mobile work environment, there is no “inside the security perimeter,” because the perimeter is everywhere. This new reality has dire implications for cybersecurity, with an attack surface that has never been greater, and with
cyber criminals who have become acutely adept to exploiting this new reality. The key to overcoming the challenge of “perimeter is everywhere” is the Zero Trust Security model, driven by the principles of never trusting anything outside or inside the organization’s security perimeters. This means no device, user, workload, or system should be trusted by default, regardless of the location it is operating from. With seven key principles of implementation (networks, workloads, data, people, devices, visibility and analytics, and automation and orchestration), organizations can adopt a security posture of “Default Deny” where systems are hardened and isolated until a level of trust is established.
How Check Point implements security strategies
In applying this to Microsoft Azure as well as other cloud and hybrid systems, Check Point solutions span many environments, allowing organizations to prevent breaches and manage the entire security environment with unified policies. Check Point applies both a defense-in-depth security approach and a zero-trust model to diverse touchpoints such as on-premises networks, cloud, mobile, endpoint, and IoT devices.
With the combination of these approaches, organizations can layer in a defense-in-depth strategy to successfully detect, respond, and shut down attacks on distributed workforces, networks, and cloud-enabled environments while also focusing on threat prevention. Security teams can manage it all efficiently through a centralized security console.
The future of cybersecurity
While these recommendations are solid and effective, artificial intelligence and machine learning are capable of taking cloud security to the next level, not only in terms of effectiveness but also in ease of use for administrators. While AI and ML have been buzzwords for a few years, the future is here today. The final blog post in this series will discuss AI and ML can increase efficiency and accuracy of cyber defense against sophisticated and automated cyber attacks. We will also discuss how Check Point uses those technologies to protect your organization from advanced cyber attacks.
Be sure to visit Check Point’s virtual booth during Microsoft Ignite. To learn more about on how to Microsoft and Check Point can enable a security-first strategy within your Microsoft investments, check out our sessions at Microsoft Ignite this year: