What makes a modern IT security strategy

Identity is at the heart of a modern IT security strategy, and the Zero Trust Framework provides the necessary toolbox to effectively protect companies from the threats of today's digital world.

By now, companies and organizations should (hopefully) have come to terms with the idea that their IT can never be 100% secure and that any company - no matter how big, in which economic sector or how attractive - can always be hit. If you look at sites like Ransomware.live or Konbriefing.com, or an X account like that of the DarkWebInformers, you can be sure of one thing: it is only a matter of time before you are affected yourself.

This is precisely why companies and organizations need to develop modern IT security strategies in order to be prepared for cyber incidents.

What does "modern" mean in this case?

Cyber security used to be "relatively" easy to understand on the surface. The IT organization built a castle wall with the network perimeter to protect its own organization from the evil outside world. Entrances into the castle were only permitted via firewalls or VPNs. Otherwise, everything was sealed off from the outside world.

But in today's digital world, the castle wall of the network perimeter is simply no longer enough. The way we work together, the distribution of data across the cloud and SaaS applications, and the physical independence of work all force a company to open its castle wall. Network boundaries are disappearing.

Companies must therefore adapt their IT security strategy to these circumstances and find modern approaches to protect themselves under them.

The problem with modern IT security strategy = Zero Trust

In recent years, Zero Trust has been dragged through the marketing and sales slides of cybersecurity providers like no other term in the cybersecurity space. In connection with the provider's corresponding "Zero Trust solution", Zero Trust has been touted as the savior from the dark world of cybersecurity. As a result, the actual understanding of Zero Trust was not communicated at all.

Zero Trust is neither a solution, nor a technology, nor an IT security strategy. The Zero Trust Security Framework is a set of tools for companies to protect themselves against the risks and dangers of the modern digital world. Period.

And what companies and organizations need to understand in the context of IT security is that this toolbox of the Zero Trust Security Framework is the only option to protect against these risks and threats.

What must a modern IT security strategy include?

A modern IT security strategy must include a plan on how to protect against the dangers and risks of the digital world today and in the future. And this is where the Zero Trust toolbox comes into play. Because the most essential component of Zero Trust is that identity replaces the network perimeter as the primary security factor. A modern IT security strategy must therefore revolve around identity.

Why is identity so important? In the past, verification of access authorization was primarily based on whether or not a user was in the network or network segment - simply put. Since these network boundaries no longer exist, access authorization must be verified in a different way: by identity. Basically, you can think of it like in the James Bond films. If someone wanted to gain access somewhere, they had to authenticate themselves (in James Bond, for example, it was via a finger scanner, iris scanner, you name it). This is exactly what is now happening in IT. Identity is becoming the leading security factor, and the element (user, device, application, etc.) must be able to verify that it is who it claims to be.

So if identity becomes the primary security factor, as an organization I need to know which identities are present in my company. And identities are not just those of employees or users in general. Identities can be service accounts, end user devices, network components, applications, servers, IoT systems, etc. Everything has an identity. An inventory is therefore essential.

Based on the inventory and the general understanding of your own business, the "crown jewels" must be identified. In other words, which elements are required for the economic operation of the company (which systems produce the money). For these elements, the risks and dangers must be identified and finally an action plan derived to secure and protect them.

Another part of this security plan must be the topic of "Incident Detection & Response". How do we as an organization find out that a cyber incident is taking place and how do we respond? This main question leads to many other follow-up questions that organizations need to ask themselves. Topics such as monitoring and logging and business continuity management are essential in this context in order to prepare for security breaches and be able to react quickly.

All components and elements of this security plan must flow into one another, building on the security factor of identity, and thus form a holistic cybersecurity protection.

Conclusion

Identity is an essential factor in modern IT security strategies. All aspects must therefore be built around it. First and foremost, organizations must ask themselves the following questions:

  • What are my identities in the organization?
  • Which resources do my identities access?
  • Which resources are particularly worth protecting?
  • How can I control my identities' access to resources?
  • How do I track my identities' access to resources?
  • How can I detect anomalies in the access of my identities?
  • How do I respond to anomalies and security breaches to ensure my organization's business operations?

Based on this information, a pragmatic and holistic IT security strategy can be developed. 🛡️
