"Do we trust the people, do we trust the data, do we trust who's got access to that data, and are they doing the right thing?"
Ahead of teissR3 | Resilience, Response and Recovery Online Summit 2020, Sarah Armstrong Smith, Chief Security Adviser, Microsoft, talks to Jeremy Swinfen Green about trust, insider threat and Zero Trust in cyber security.
teissR3, taking place 15th - 24th September 2020, is the leading event focusing on how you improve your organisation’s cyber resiliency and adopt best-practice in incident response and crisis management in a post-COVID-19 world. Register your place by clicking here.
How important is trust in cyber security? And how can it best be promoted?
Great question. The whole concept of cyber security is predicated on trust. So we have to trust in the people, devices, the locations, everything is do we trust people, do we trust the data, do we trust who's got access to that data, and are we doing the right thing?
So what we have now is this whole concept of zero trust, which is never trust, always verify, assume compromise. Really what that means is just because somebody has bona fide credentials, they might have the right device, they might be logging in from the right location, doesn't necessarily mean that they are the actual bona fide user.
So even if somebody had the right credentials and they were looking on from the right device, we always got to keep checking and verifying what they're doing, what data they're accessing, and whether that is a trusted, bona fide transaction.
We always think about, when we talk about cyber attacks, this one was predicated from an outside in, but we've also got to consider inside out. So actually the insider threat, the insider risk, is just as critical as the outside.
So it's looking at it from a full perspective. If something goes wrong and if that's in your system or data was compromised, it all comes down to how quickly we can detect and how quickly we can react to that incident to enable us to recover those services as quickly as possible.
And in addition, we've also got to think about trust and transparency from our consumers' and users' perspective. So again, that crisis management perspective is being open, honest, about the fact that we've had a breach and what we're doing to rectify that situation.