• About
  • Subscribe
  • Contact
Friday, May 9, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

A zero-trust future for businesses requires mindset transformation

Dave Russell by Dave Russell
December 16, 2022
Photo by RODNAE Productions from Pexels: https://www.pexels.com/photo/marketing-man-people-woman-7414284/

Photo by RODNAE Productions from Pexels: https://www.pexels.com/photo/marketing-man-people-woman-7414284/

As cyberattacks become more sophisticated and IT systems ever more complex, zero-trust architecture is becoming a hot topic in security. But zero trust is not a new idea, it's a continuation of a principle that’s been around for years. Let's explore the history and challenges of zero-trust, the critical role of secure backups, and why such projects are never really over.

If you pay attention to industry news you will see a lot of discussion around zero trust in recent months. Cyberattacks, particularly ransomware, are becoming increasingly nuanced and more frequent. Research from the IBM 2021 Cost of a Data Breach Report, shows record levels of data breaches around the world with Asia topping the world as the most attacked region in 2021. Asia accounted for one in four cybersecurity attacks launched worldwide. Japan, Australia, and India experienced the most incidents in the region, 

Zero-Trust: New concept, old principles 

A key driver is accelerating the adoption and growing complexity of digital infrastructure - meaning more access points and integrations across IT and OT networks, public clouds, and between a myriad of different parties. In Asia, zero-trust adoption among APAC organisations has been slower than in the rest of the world.

However there are signs of accelerating growth as the Okta State of Zero Trust Security in Asia Pacific 2022 report, showed that 50% of APAC companies had implemented a Zero Trust Security initiative, an 18% jump from 2021, albeit still slower than the rest of the world

In truth, zero trust is not a new idea.

I’ve worked in data storage for 20+ years and even in those early days, the practice of building systems or components to be ‘mutually suspicious’ of each other was commonplace. Zero-trust is a continuation of this same idea but like many things in the digital space, scale and complexity have reached new levels. 

The other thing about zero-trust which people often misunderstand is that it's not a product that you can purchase and just plug into your existing architecture. Zero-trust is a culture, it's a complete change of mindset, for both the organisation and the system itself, and it's supported by a litany of intertwined products. This focus on mindset is crucial. You can’t just implement it and forget about it. You need to constantly re-evaluate and apply it to everything you do. 

Source: Google Trends: Use of ‘Zero Trust’ over time

Backup and recovery are an overlooked necessity for zero-trust

The two core principles of a zero-trust architecture are to always verify, and always assume a breach, meaning security on the inside of the system has to be as robust as that on the outside. An element of this that is not talked about enough is backup and disaster recovery.

Zero-trust is a layered strategy - you design the architecture assuming traffic may be malicious, devices and infrastructure could be compromised, and critical data is always at risk. But this bottom layer is the most crucial, if all else fails you need a core fail-safe to restore your data and get your systems back up and running as quickly as possible.

Modern threats like ransomware are incredibly sophisticated, actively targeting system backups as part of their attacks. In the recent Veeam Ransomware Trends Report, Veeam found that 94% of ransomware attacks targeted backup repositories, with 68% of those being successful.

A truly zero-trust strategy needs to account for this and has backups in place that are either offline, air-gapped (unreachable), immutable (unchangeable), or, even better, all three to have a bulletproof setup.

Never-ending challenges 

Implementing zero trust across an organisation is not a simple task. Many challenges are involved in building a truly zero-trust architecture. The first is getting buy-in. Because adopting zero-trust requires a united effort and a top-to-bottom mindset change, it needs to be embraced and understood by leadership, administrators and users.

Senior decision-makers need to understand its value and assign adequate funding, administrators need to have buy-in as well as relevant training, and users must truly understand and follow new policies. Even after initial zero-trust capabilities have been implemented, you must ensure follow-through across the organisation, rather than a ‘one and done’ mentality. 

It's vital to keep re-evaluating your security and pushing that mindset as far as possible. In reality, most ‘zero-trust’ architectures are probably 0.3% or 0.5% trust; the journey to zero has to always be ongoing.  

Bringing it back to the basics

In the modern environment, zero-trust is becoming a requirement to keep businesses and systems safe from evolving threats. The commitment required to implement such a strategy should not be taken lightly, however, as it takes organisation-wide commitment to truly adopt and build a zero-trust architecture and culture.

Doing so is a constant journey, but if you start with a modern data protection strategy entailing secure backups and robust disaster recovery and build out from there, you will always have something to fall back on.

Related:  PodChats for FutureCIO: Containing the cyber contagion in ASEAN healthcare
Tags: backup and recoverycyberattacksransomwareVeeamZero Trust
Dave Russell

Dave Russell

A 30-year veteran in the storage industry, Dave Russell is Vice President of Enterprise Strategy at Veeam, responsible for driving strategic product and go-to-market programs, spearheading industry engagement and evangelizing Veeam’s vision for the Cloud Data Management at key events across the globe and working with the Executive Leadership team in accelerating the company’s growth in the enterprise. Prior to Veeam, Russell held the role of Vice President and Distinguished Analyst at Gartner. His research focus at Gartner was on storage strategies and technologies, with an emphasis on backup/recovery, snapshot and replication, software-defined storage (SDS) and storage management. He was the lead author of the Magic Quadrant for Data Center Backup & Recovery Solutions from 2006 to 2018. Prior to joining Gartner, Russell spent 15 years at IBM in storage product development as a Software Engineer in mainframe backup/recovery and as a manager of product development, architecture and strategy teams for distributed systems backup/recovery and storage solutions.

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe