Information security professionals should readjust some widely held views on how to combat cyber risks, according to a new Forrester Research report.
Security professionals emphasize strengthening the network perimeter, it states, but evolving threats—such as increasing misuse of employee passwords and targeted attacks—mean executives need to start buffering internal networks. In what Forrester calls its new “Zero Trust” security model, companies should also analyze employee access and internal network traffic.
The report bears out conclusions from several other studies. For example, password credential abuse was the most common cause of the 275 data breaches studied in Verizon Business’s latest annual Data Breach Report. It was involved in 46 percent of cases, up from 26 percent the year before.
One major recommendation of the Forrester report is for companies to grant minimal employee access privileges. It also emphasizes the importance of log analysis.
Verizon made a similar recommendation. Its report noted that while companies learned about the breach from a third party in 60 percent of the cases studied, information on the attack was already available in company logs in 87 percent of cases.
Another Forrester recommendation is for increased use of tools that inspect the actual content, or data “packets,” of internal traffic. Relatively few organizations conduct such inspections, writes report lead author and Forrester senior analyst Jonathan Kindervag, but it can be more effective than log analysis at uncovering threats.