• Latest
  • Trending
Decoding Biden’s Push for Zero Trust: Why Should the Indian Government Adopt It?

Decoding Biden’s Push for Zero Trust: Why Should the Indian Government Adopt It?

November 18, 2021
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Thursday, 7 December, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Decoding Biden’s Push for Zero Trust: Why Should the Indian Government Adopt It?

by ITECHNEWS
November 18, 2021
in Opinion
0 0
0
Decoding Biden’s Push for Zero Trust: Why Should the Indian Government Adopt It?

In light of several crippling cybersecurity attacks that paralyzed entire companies and went to the extent of adversely affecting multiple federal agencies, the Biden administration had, on the 12th of May, signed an executive order which outlined a fresh approach towards improving the nation’s cybersecurity posture. One of the central pillars of this renewed approach is a firm belief in zero trust security. Zero trust as a security strategy is still in its infancy. Still, of late, it has come to the spotlight because of a multi-tiered continuous authentication, authorization and monitoring strategy that secures network infrastructure from a wide range of breaches.

In this context, the Executive Order was followed up with a Draft on Zero Trust Strategy, setting goals for all federal agencies to adopt zero trust by 2024. It was necessary to move to a dynamic security strategy that relied on modern security controls and understood modern networks.

YOU MAY ALSO LIKE

Making Biometrics Work: 3 Ways To Jumpstart the Process

How to prevent cyberbullying: Keeping students safe

The Scope of the Zero Trust Idea

Zero trust, as a concept, has constantly been evolving, and its scope of definition has been expanding to include multiple facets of data, applications, networks and identities. At its core, however, zero trust relies on the belief that no application, device or user, can be assigned any form of trust by default. It doesn’t matter whether the said entity is within or outside the metaphorical security perimeter. Every asset is to be thoroughly verified before granting access. When it comes to access, that access, too, must be granted on what is called a ‘need to know’ basis. This concept of least privilege access shouldn’t just be on paper. This means that other than what a verified entity is allowed to access, all other resources will be completely inaccessible and invisible to it.

Government entities may find it extremely tough to get into the zero trust gear, but following a methodical approach may help gradually implement the zero trust model. Here, one must keep in mind that zero trust is not limited to a set of tools/technologies that should completely replace existing tech. Instead, it is a dynamic strategy that needs to be implemented considering the current gaps in the network infrastructure and resolving said gaps before upgrading one’s security posture.

Decoding the Zero Trust Idea

Most businesses use traditional security systems, which have an authorization and access system that is pretty much similar to the railway station, and this system of excessive implicit trust has been a prime reason for cyberattacks. Once a user is assumed to be trusted, they are granted access to the whole network. So, once a device is compromised, the entire network may be potentially compromised as well. This scenario has become especially true in today’s context, with a massive increase in unmanaged work from home devices and remote employees using unsecured networks to access your applications. Thus, it boils down to the single dictum of trust: how much trust should we assign and when should we assign it?

The zero trust model essentially requires all users/devices to be authenticated and authorized, all access to be restricted on a need to know basis, constant monitoring and visibility of all network traffic for real-time identification of threat vectors and a continuous risk and trust assessment of every access request and the context of every access request separately.

Why Should the Indian Government Follow the USA’s Footsteps?

Indian government agencies and India Inc. have seen their fair share of data breaches over the past year. Notable attacks include the Mumbai power outage, the Mobikwik and Zomato leaks and the BigBasket and Dominos breaches. The stats are quite telling of India’s predicament with cyber-attacks and the under-preparedness of federal agencies when it comes to securing their networks.

As per IBM’s Cost of a Data Breach Report, the average cost of one data breach in India stands at a whopping $2.21m. And the average global cost of a breach in a federal agency has risen 79% over the last year, to $1.93m. But such breaches do not just extend to losses in terms of costs. A large portion of the records compromised, almost 44%, include PII, or personally identifiable information. For federal agencies like the UIDAI, despite their stringent regulatory stand, this stat becomes all the more reason to consider adopting a transformative approach to security revolving around zero trust.

Again, it must be understood here that zero trust here doesn’t reflect a single tool but a set of dynamic strategies that must be implemented to operationalize a model of continuous authentication, authorization and monitoring. As the US Federal Government’s draft reflects, this means starting with a reorientation of identity and access management policies, identification and classification of all data. Also included is an inventory of all connected devices that can access critical government information and an assessment of current security infrastructure for gaps, vis-a-vis the proposed zero trust modeled architecture that is being implemented.

The Indian Government has, over the past few years, tried to focus on security as a critical aspect of its policy, especially in light of several credible cyber-threats arising from our somewhat volatile neighborhood. The founding of the DSCI in 2008 was a step in the right direction, and the DSCI has since been instrumental in driving data security initiatives in the country. Yet, the lack of a credible updated cybersecurity policy that covers novel threats and challenges and incorporates the massive shift to the cloud and a remote work model is blatantly visible. As such, the US Government’s effort towards a transformational security model that is future-proof can serve as a guiding light for the Indian Government in formulating a future-ready, cloud-ready, remote-ready cyber policy that focuses on zero trust adoption

Source: Sandip Kumar Panda CEO and Co-Founder of Instasafe Technologies

ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023

Recent News

  • ATC Ghana supports Girls-In-ICT Program April 25, 2023
  • Vice President Dr. Bawumia inaugurates ICT Hub April 2, 2023
  • Co-Creation Hub’s edtech accelerator puts $15M towards African startups February 20, 2023
  • Data Leak Hits Thousands of NHS Workers February 20, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version