Many of today’s security technologies are designed around the detection of threats to information technology (IT). However, networks and endpoints now include legacy Operational Technology (OT), Internet of Things (IoT) devices, applications, and other new types of connections that are not protected.
Operational technology and IoT devices vastly outnumber IT devices. They also have their own unique operating systems.
The typical IT-centric approach and tools currently used to protect communications fail to address known vulnerabilities inherent in the wide array of architectures, software, and equipment. The reason is – they are designed and built primarily for “open” communications framework as opposed to a Zero Trust framework.
In short, operational technology is too complex and diverse to protect with an IT approach and tools, too expensive to replace, and become increasingly hard to manage.
Recent Cyber Attacks Prove the Threat is Extensive
With the exposure of recent breaches such as the one involving SolarWinds, it is now painfully apparent that “the bad guys” are deeper in our networks and endpoints than we thought.
The other realization is that these hackers are not the lone person operating out of a basement or warehouse. Cybercriminals are well-financed, highly skilled professionals. They often work directly for nation-states and use increasingly more sophisticated tools and techniques. What’s more, they are targeting industries and government agencies where they can either cause the most damage (disrupting critical infrastructure and services) or gather the most sensitive data possible to hold for ransom.
Zero Trust Architecture is Necessary for Protection
Adopting a Zero Trust framework and culture has become the obvious choice for mitigating risk and reducing losses of data, assets, and lives.
The Onclave platform and how we align with the new Zero Trust Architecture developed by the National Institute of Standards and Technology (NIST) and all of their contributors, offers enterprises the fastest, most secure path to establishing secure communications and a Zero Trust state.