If It Ain’t Broke, Still Fix It

Industry panelists at BlastWave webinar explore why companies slow to adopt ZTNA are at risk in the cyberthreat landscape

On May 25, we hosted a webinar entitled "Why 'Zero Trust' Networks Are Important to Securing your Hybrid Workforce." The event featured a panel of experts moderated by Alissa Knight, Cybersecurity Influencer and Partner at Knight Ink. Panelists included Wicus Ross and Charl Van der Walt of Orange Cyberdefense, Tom Sego and Peter Alm of BlastWave, and Keao Caindec of Farallon Technology.

The panelists highlighted the importance of zero-trust security in today's business landscape, with a focus on BlastWave's software-defined perimeter (SDP) and BlastShield™. They asserted that zero-trust should be the overarching mindset behind any organization's cybersecurity approach and posited that service providers would be wise to adopt similar strategies. Zero trust network access (ZTNA) is especially important with the global surge in remote and hybrid work environments, as phishing and ransomware attacks mirrored internet usage levels throughout the pandemic.

Though ZTNA may reference BlastWave’s concrete solutions, it’s also a philosophy and overall architecture. Since each business has varying needs and use cases, BlastWave’s fast, scalable solutions are optimal for any service provider’s network. Traditionally, cybersecurity has gotten the short end of the stick in the tech world. Some view modern cybersecurity methods as inconvenient, paranoid, or cumbersome. Fortunately, BlastWave’s innovative tools are business enablers, allowing companies to conduct daily operations securely. These solutions are now cost-effective, although no price can be put on peace of mind in terms of network security.

ZTNA as a Replacement for VPNs

Early in BlastWave’s story, Orange Cyberdefense and Alissa Knight each attempted to hack BlastShield’s defenses to no avail. Both have since endorsed the product as one of the most innovative, intelligent, low-latency tools on the cybersecurity market. The panelists explored the shortcomings of VPNs and discussed how network operators must adapt their security strategy to the prevalence of large-scale network cyberattacks. These VPN shortcomings included:

• The age of legacy systems and their antiquated philosophy towards cybersecurity
• Laborious deployment, configuration and upkeep for both remote and site to site VPNs
• Untenable workloads regarding digital certificate management in a large organization with varied devices

As Sego pointed out, the evolution of the VPN product space was geared towards end-user convenience and satisfaction, not the realities of the modern threat landscape. Some VPNs may even have the master password coded into the root infrastructure, as exploited by Knight in her original hacking release. The panelists agreed that hackers are not necessarily sorcerers. They operate through a defined set of fundamental parameters, and these parameters are knowable and preventable. As the pandemic isolated workers and created widespread demand and implementation of remote and hybrid cloud environments, there has never been a more pertinent time to upgrade network security in our changing world.

The panelists also discussed trends in ZTNA including:

• The mass shift towards password-less, multi-factor authentication
• Microsegmentation
• Unified security fabric encompassing both cloud and on-premises environments and servers
• Unparalleled speeds and optimized system performance

The Necessity of Secure Network Perimeters and Microsegmentation

Through microsegmentation, each asset on a network is autonomous and partitioned. Even if a hacker does gain access to one facet, their threat will be identified and automatically stopped before it gets to the larger network. This approach is essential for OT and IoT assets, as these pieces rarely exist in a secure network perimeter. Sego stated that, as with most revolutionary products, BlastWave’s solutions were created according to the founders’ own cybersecurity needs and experiences.

These solutions offer a comprehensive protection web that covers endpoint, service, and network security in one convenient interface. Ultimately, BlastWave is taking cybersecurity from a switch level to a cloud-native network level. Knight said in summation, “Even if it doesn’t seem broken, maybe still ‌fix it.” This sentiment could not be truer for companies needing to modernize their cybersecurity approach. Even if a company hasn’t needed ZTNA yet, they shouldn’t wait until a breach to adopt it, because at that point it’s too late.

Be sure to view the entire zero-trust webinar at: https://www.blastwave.io/zero-trust

‍

‍