COVID-19 Impact on Zero Trust Security in Semiconductors and Electronics Industry
With the rising cases of COVID-19 every day apparently states that we will be dealing with the COVID-19 pandemic for a while. This means that work from home has become a permanent solution to fulfil each and every professional requirements without commuting from the office site. Over the past few months in this COVID-19 scenario, enormous disruption has been faced in the work environment amongst circulated workforce and scattered schedules. This has made every organization to modernise and adopt high security models. As per our estimation, almost 90% of the companies have adopted work from home policy in which poor infrastructure or technology is considered to be the biggest loophole for working remotely. Moreover, many organizations were not prepared for the transformation into the cloud which made the IT security team to struggle while configuring network perimeters in order to access remotely. At the same moment, tech savvy hackers found this as an opportunity by targeting the government employees with fraudulent practices and attacks.
For instance,
- In April 2020, World Health Organization (WHO) has stated regarding the fivefold increase in the cyber-attacks. Thus, for an effective workflow, Zero Trust has been adopted to resolve the legacy security practices. Zero Trust security model permits the employees to access the applications via secure web-based gateway. It applies the least privilege ideologies and supports device security checks and multi-factor authentication. As compared to VPN, this solution can integrate with various single sign-on (SSO) platforms easily and is very affordable and scalable.
Thus, this model provides more scalability towards privileged access management infrastructure for network resource management. Implementation of the Zero Trust comprise of policy-based adaptive access, automation, intelligence and AI, strong authentication, data classification and protection.
IMPACT ON DEMAND AND SUPPLY CHAIN
COVID-19 has brought in a diverse change in trend of various industries and markets which now has resulted into work from home policy. Moreover, increase in the utilization of disrupting malware against critical infrastructure and COVID-19 based scam has widened the necessity of secured network. The U.S. Department of Homeland Security (DHS), United Kingdom’s National Cyber Security Centre (NCSC) and Cybersecurity and Infrastructure Security Agency (CISA) have alerted regarding the malicious activity.
For instance,
- Cybercriminals have demanded ransom payment of USD 111,605.00 (increase up to 33% in first quarter of 2020). Phishing attempts have also exploded with Google’s Threat Analysis Group (TAG) noting 18 million COVID-19-related phishing and malware Gmail messages each day in April.
- About 18 million COVID-19-related malware and phishing google mails activity took place every day in April 2020 as stated by Google’s Threat Analysis Group (TAG).
According to CISA, the companies utilizing VPN results into data breach due to lack of patching and implementation of multi-factor authentication for accessing accounts remotely. The fear of susceptibility has forced varied companies to invest towards updated technologies which can boost the security level of distributed workforce while IT team have adapted a landscape of rapidly evolving threat. This in result has led to the mass adoption of Zero Trust solution and is currently grabbing the headlines as a new way of working. According to Okta, from 2019-2020, North American organizations has initiated to establish Zero Trust model in next 12 to 18 months which increases to 75% year-on-year from 60%.
Development concerning the new normal of hybrid workplaces has led the organization to take business continuity measures and to direct the rising needs which can restore and enhance the level of productivity in the long term. This later ensures precise technological tools and infrastructure for its every employee along with advanced cyber hygiene controls. Increasing adoption of highly integrated Zero Trust solution mainly where remote access has become a necessity will allow every company to step upwards a higher security level.
STRATEGIC ADOPTION BY MANUFACTURERS OR STEPS TAKEN FOR ZERO TRUST
During the COVID-19 pandemic, many companies provided their services either free or on extended trial tenure to its customers for testing Zero Trust security solutions.
For instance,
- Cisco offers free Duo Security Zero Trust and MFA platform to its new customers.
- Akamai provided its solution named Enterprise Application Access (EAA) as part of its Business Continuity Assistance Program with an extension trial of 60 days.
Adding to this, several companies have entered into different strategic decisions for offering the Zero Trust solution in order to enhance its revenue and to maximize its customer base.
For instance,
- In March 2021, McAfee entered into partnership with Appgate, Axis Security and TransientX for zero trust network access (ZTNA) which will help the organization to improve and develop security strategies with risk minimization along with less or no complexity.
- In March 2021, Zscaler, Inc. and CrowdStrike Holdings, Inc. integrated for delivering end-to-end security protection solution from the endpoint to the application. Thus, this integration will enhance the security for joint customers by offering data-centric and identity-centric approach of zero trust which incorporates network, data, workload and device.
CONCLUSION
Zero Trust security solution is the groundwork of a future-ready workforce. As employees continued to do work from home for predictable future, this approach will address the current distributed environment in a better way and surely will prove as a critical aspect for both secured and operational access. Efficient security is basically dependent on the method for managing the dependencies between the users, technology and processes by each organization. In the post COVID-19 scenario, the chances of focusing more on budget and investment regarding the Zero Trust security solution will be witnessed by the Chief Information Security Officer (CISO) due to the growing cyber security risk in order to adapt to a new normal.
