IT security is constantly evolving and failing to keep abreast of changes can have costly consequences. The security methodologies and the threat actors who exploit vulnerabilities both keep improving what worked before and leave behind what did not. As COVID-19 has accelerated the shift towards a remote work culture, many organizations are adopting a multi-cloud strategy. With cloud providers supporting different sets of policies, creating a consistent security posture for them is the latest challenge faced by security teams worldwide.
Traditional security perimeters are now extended to include new, undefined perimeters. This perimeter-less work model makes user provisioning, managing authentication. and access across the application landscape difficult.
As IAM challenges become more complex, it’s no wonder a cybersecurity mesh is one of Gartner’s top strategic technology trends for 2021.
Gartner's proposed Cybersecurity Mesh Architecture (CSMA) is an architectural approach that allows for a scalable, flexible, and reliable cybersecurity control system. CSMA focuses on defining a security perimeter around the identity of a person or thing as opposed to the previously used "walled city" approach. With more assets like IoT existing outside of the traditional security perimeter, the perimeter has become more fragmented. Many applications and data are no longer present in company-owned data centers.
The CSMA approach to network security aims to solve this by leading to a more standardized, responsive security approach that prevents hackers from exploiting different parts of a given network to access the broader network. Instead of every security tool running in a silo, a CSMA enables tools to interoperate through several supportive layers, such as consolidated policy management, security intelligence, and identity fabric.
The Zero Trust NetworkZero Trust Network (ZTN) architectural concept was introduced almost two decades ago, but the cybersecurity mesh was introduced less than a year ago. Regardless of how long the ideas have been around, Zero Trust and the cybersecurity mesh are key components in ensuring the security of organizations today. The importance of these two security systems has gained traction over the past year due to the universal shift towards a remote working culture.
The basic tenet of a Zero Trust architecture is that it no longer assumes that access to a resource through a particular network is secure. As personnel begin to work from home, they need to obtain access to those resources from outside the traditional secure network perimeter. The clearly defined perimeter has been impaired. They now need access to resources outside of the workplace, so there is no longer a clearly defined network perimeter that can be protected. “Never trust, always verify” is a primary principle of a Zero Trust architecture.
On the other hand, a cybersecurity mesh expands ZTN from closing perimeters around organizational resources to also creating perimeters around subjects and objects, not on-premises: especially users accessing objects from anywhere, anytime, with a variety of devices. It also enables organizations to bring cloud services into their ZTN infrastructures. Adaptive access control with close analysis of both subjects and objects is a crucial element.
Most digital assets, identities, and devices exist outside of the enterprise which makes it hard to manage them with the existing traditional security models. With CSMA, organizations can achieve a tightly integrated, scalable, flexible, and reliable way to approach digital assets and identities.
Gartner predicts a cybersecurity mesh will support the majority of IAM requests in the coming years and help organizations benefit from a better digital asset access and control approach.
Delivery of IAM services will result in an increase in the number of MSSPs. MSSP firms provide organizations with the resources and necessary skillsets to plan, develop, acquire, and implement comprehensive IAM solutions.
Gartner also predicts that by 2023, 40% of all IAM application convergence will primarily be handled by MSSPs that focus on delivering solutions with an integrated approach. This change to MSSPs will shift the influence from product vendors to service partners, which minimizes the burden on the individual IT teams.
The massive increase in remote interactions as a result of increased remote working necessitates robust enrollment and recovery procedures. This influx of remote interaction makes it harder to differentiate between legitimate users and attackers.
Gartner predicts that by 2024, at least 30% of large enterprises will implement new identity-proofing tools to address common weaknesses in workforce identity life cycle processes.
Centralized approaches to managing identity data make it difficult to reliably provide privacy, and assurance. With a decentralized approach in tandem with the mesh model, blockchain technology ensures privacy and allows individuals to validate identity requests by providing the requestor with just the minimum required amount of information.
Also by 2024, Gartner predicts that a true global, portable, and decentralized identity standard will emerge to address business, personal, social, and identity-invisible use cases.
Organizations have become interested in a document-centric approach to identity proofing. The rise in COVID-19-induced remote working in 2020 pulled attention to the biases with respect to race, gender, and other characteristics which can occur in online use cases.
Even sooner, Gartner predicts that by 2022, 95% of organizations will require identity-proofing vendors to prove that they are minimizing demographic bias.
The massive and sudden increase in the number of organizations with remote workforces has made it more difficult to differentiate between authentic users and attackers. This has promoted the emergence of the new architecture of cybersecurity meshes. CSMA provides a modular and trusted approach to any network, ensuring each node has its own perimeter rather than a wide, global perimeter as in the case of traditional perimeter approach.
With CSMA, IT teams can properly track the access levels of a network and prevent attackers from gaining access to broader network information by looking for weaknesses in nodes.
The benefits provided by CSMA include, but are not limited to, enabling a higher number of IAM requests, improving the planning and implementation of end-to-end solutions, addressing common weaknesses in workforce identity lifecycle processes, ensuring greater privacy, and minimizing demographic bias in the face of increased remote working.