A zero trust framework eliminates implicit trust

Huzefa Motiwala
Director - Systems engineering for India and SAARC, Palo Alto Networks

Protection against cybercrime

It is crucial to invest in threat intelligence management platforms that enable the SOC to operationalise threat data and translate the same into actionable output. This helps make sense of the countless threat vectors that organizations encounter on a daily basis, subsequently bringing focus on the ones that are of real importance. Furthermore, such platforms bring a significant level of automation to the table, eliminating the risk borne from human error and manual cybersecurity processes.

As hybrid work models have blurred the lines between enterprise and home networks, it is important to take a proactive, as opposed to reactive, approach to cybersecurity. Deploying a zero trust framework - that eliminates implicit trust and constantly validates new and old users within a network - can be of great help along with adopting DevSecOps or Shift-left security. DevSecOps integrates security into all stages of the software delivery process, ensuring that developers think about security when they write code.

Solutions to prevent Distributed DoS attacks (DDoS)

There are a number of DDoS mitigation techniques that organizations can implement to minimize the possibility of an attack. But it is important to understand that due to the complexity of these attacks, the key is to employ a layered strategy that provides protection at multiple touch points. Organizations can start by including DDoS detection tools in their security infrastructures. These can help in identifying and blocking the exploits and tools that bad actors may use to launch an attack.

Having a Next-Gen Firewall (NGFW) in place instead of a Web Application Firewall (WAF) can also be of advantage against DDoS attacks. NGFWs provide full visibility and control over applications, users and content operating within the network. In contrast, a WAF is designed to look at web applications and monitor them for security issues that may arise due to possible coding errors.

Approach to the current situation 

We see cloud security, SASE, and automation backed by Artificial Intelligence (AI) and Machine Learning (ML) taking precedence in the cybersecurity domain. We recognized very early that the move to cloud will dominate in the coming years. Our focus has been on growing and innovating rapidly by delivering a comprehensive, native, and fully integrated platform with best-of-breed capabilities, alongside cloud-native offerings to our customers. Last year, we announced Prisma Cloud 3.0, the industry’s first integrated platform to shift security left — improving organizations’ entire cloud security posture by reducing security risk at runtime. 3.0 offers cloud code security to embed protections in the development process. In line with the evolving business reality of hybrid workforce, we also introduced PRISMA SASE, an integrated cloud-delivered service with industry-leading network security and next-generation SD-WAN to ensure that organizations stay secure and productive while working fluidly between branch offices and home offices.