The zero trust blindspot

Zero trust architecture is undoubtedly the future of cybersecurity. It does not however typically extend beyond network access, which is a shortcoming that will eventually come back to bite the information security community as a whole, says Pete Smith, archTIS VP and General Manager of EMEA.
Zero trust architecture is undoubtedly the future of cybersecurity. However, it does not typically extend beyond network access, which is a shortcoming that will eventually come back to bite the information security community as a whole, says Pete Smith, archTIS VP and General Manager of EMEA.

It’s easy to be seen as paranoid in cybersecurity. The threats we face are often silent and complex; the solutions we create to combat them are quietly implemented, not giving attackers any more information than they already have on what they are up against. This creates a lot of noise around the issues, and virtually nothing when it comes to solutions.

The push to zero trust architecture is a breath of fresh air to the status quo. It is a real, proactive response to the constant looming threat of breach from increasingly sophisticated hostile actors. It changes the ‘default state’ to denying access to outside the network, unless they can verify themselves. This fundamental shift in ethos moves the security industry forward.

There is, however, a blind spot not currently being addressed, and because of it, we’re likely to see a deflation of the Zero Trust hype: securing the data itself. Without applying the same principles of Zero Trust to the data behind the network it protects, we’re still in for the host of data breaches caused by what the security world calls ‘insider threats’. The term covers everything from corporate spies and moles deliberately leaking information or selling it to the highest bidder, through to negligent office workers leaving a laptop on a bus or sharing a file with the wrong email address. 

Let’s use an example from right here on British soil: the recent breach of UK Special Forces personal data via WhatsApp. There are few organizations globally with more incentive to keep personal data secret than the MOD officials who deal with personnel in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment. Yet, this individual could download a sensitive excel file with their names, ID numbers and previous roles within the military completely unimpeded and subsequently share it with the world on WhatsApp.

The incident is just one of many. Corporate security teams are full of stories where user error or malicious actions completely invalidate millions of pounds spent shoring up the perimeter. Unfortunately, it simply does not matter how resilient your network is; these solutions are not built to detect threats coming from within the perimeter. Other solutions that attempt to address this gap, such as SIEM and behavioural analysis tools detect potential issues after the fact and can take months to identify a problem. Fortunately, there is a solution to stop data loss from negligent and malicious insiders altogether: Attribute-Based Access Control (ABAC).

ABAC extends the zero trust security model to the file level. Instead of being able to access a document on a server automatically because you are already authenticated into the system, it will instead determine whether you can access the file by evaluating attributes (or characteristics of data and/or users) to determine a given file’s access, usage and sharing rights.

The advantage of a data-centric ABAC-based security approach is that an individual file’s access rights can be dynamically adjusted based on the sensitivity of the file and the user’s context in real-time to evaluate and validate each file’s attributes. This includes security classification and permissions and attributes such as security clearance, time of day, location, and device type to determine who can access, edit, download, or share a particular file. Like Zero Trust network architecture, ABAC sets the default to deny access unless these attributes can be validated against business policies governing access and sharing conditions.

According to the 2021 Verizon Data Breach Investigation report, data mishandling by insider threats is the top source of insider-related data breaches. Additionally, the pandemic has made it possible to collaborate virtually with software such as Microsoft 365 across many different geographies. This is a perfect environment for insider threats to flourish.

READ MORE:

With the push to Zero Trust, we have a rare opportunity not just to fix today’s pressing cybersecurity issues, but to nip the next step that attackers will likely take to circumvent the onerous task of breaching a network, stealing credentials and utilizing insider threats. ABAC is that solution, but only time will tell if we adopt it in time.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...

The need to clean data for effective insight

David Sheldrake • 05th March 2025

There is more data today than ever before. In fact, the total amount of data created, captured, copied, and consumed globally has now reached an incredible 149 zettabytes. The growth of the big mountain is not expected to slow down, either, with it expected to reach almost 400 zettabytes within the next three years. Whilst...

What can be done to democratize VDI?

Dennis Damen • 05th March 2025

Virtual Desktop Infrastructure (VDI) offers businesses enhanced security, scalability, and compliance, yet it remains a niche technology. One of the biggest barriers to widespread adoption is a severe talent gap. Many IT professionals lack hands-on VDI experience, as their careers begin with physical machines and increasingly shift toward cloud-based services. This shortage has created a...

Tech and Business Outlook: US Confident, European Sentiment Mixed

Viva Technology • 11th February 2025

The VivaTech Confidence Barometer, now in its second edition, reveals strong confidence among tech executives regarding the impact of emerging technologies on business competitiveness, particularly AI, which is expected to have the most significant impact in the near future. Surveying tech leaders from Europe and North America, 81% recognize their companies as competitive internationally, with...