From ransomware attacks by criminal hacking gangs to sabotage by disgruntled employees, cyberthreats have evolved to become a near-constant concern to businesses all over the world. With the average data breach incident costing businesses approximately $4.24 million, the stakes have never been higher. The cybersecurity world has responded by developing the “Zero Trust” security framework, which requires all users, regardless of how or where they access protected networks, to be authenticated, authorized, and continually validated for security posture before being granted or keeping access to data and applications. The model is gaining increased adoption, with two well-known consulting firms recently launching new platforms based on Zero Trust principles.
Big Four firm Deloitte released its Zero Trust Access managed service, which leverages technology from its recent acquisition of TransientX, a firm well known for its development of zero trust network access technology. Its new service offers device-level security and enforces least privilege policies via dynamic access control. The cloud-native platform aims to secure both communications and access between users, devices, and enterprise applications.
India-based HCL Technologies also announced a new Zero Trust-based cyber offering in partnership with Palo Alto Networks, providing cloud security-as-a-service along with incident response and recovery, as well as managed extended detection and response using Palo Alto’s machine-learning Cortex Platform for improved threat visibility, detection, and investigation.
“Without a doubt, Zero Trust presents new challenges for organizations wanting to adopt this security model, but it also provides a great opportunity for consultants and security companies to help with implementation and change management,” says Gary McAlum, Senior Analyst at TAG Cyber. “Moving to a Zero Trust model is a heavy lift and a long journey for any organization. It will require technology and architectural changes to be sure, but business processes will certainly be impacted and, in some cases, need to be redesigned.”
The two new platforms are a response to the increasing number of organizations adopting the Zero Trust security model, and reflect a desire to capitalize on the growing market for new technology utilizing Zero Trust principles. As companies continue to replace aging cybersecurity apparatus, opportunities for consultancies to provide expertise and support will continue to expand.