Intelligent CIO Europe Issue 90 | Page 70

t cht lk

t cht lk

Remote workforces increase vulnerabilities access management( IAM) failure observed in Unit 42’ s 2025 incident response cases.
Adding to this is the fact that the shift towards remote and hybrid work environments has transformed networking and security. Work is no longer just a place we go to; it’ s something we can do from anywhere.
This means our applications and users are now spread out everywhere, which significantly expands the attack surface that cybercriminals can exploit Unit 42’ s latest report also revealed that nearly half of security incidents( 44 %) involved the web browser – ranging from phishing to malware downloads – highlighting it as a persistent weak spot in enterprise defences.
To address these challenges effectively, adopting a Zero Trust( ZT) mindset is crucial. Zero Trust operates on the principle of‘ never trust, always verify,’ ensuring that no entity – whether inside or outside the network – is trusted by default. This approach involves continuous verification of user identities and device health to ensure secure access to applications and data.
In fact, one high-profile example saw RansomHub( tracked by Unit 42 as Spoiled Scorpius) access a municipal government’ s network through a VPN connection – exploiting the organisation’ s failure to enforce MFA. Within just seven hours, the attacker exfiltrated 500 GB of data, highlighting the speed and scale of damage when this key control is missing.
In line with a Zero Trust approach, many organisations are now turning to Multi-Factor Authentication( MFA) to bolster their security measures. Built on the core principle of continuous authentication, MFA requires users to provide two or more verification factors to gain access, ensuring a higher level of authentication than passwords alone.
This approach typically combines something the user knows( like a password or PIN) with something they have( such as a smartphone or a hardware token) or something they are( biometric data).
Enhancing security with Multi-Factor Authentication( MFA)
Multi-Factor Authentication( MFA) remains one of the most critical components of a Zero Trust framework – and lack of MFA is still the most prevalent identity and
MFA enhances security by adding layers of verification, ensuring that access to applications and data is granted only after multiple factors have been authenticated. This proactive approach reduces the risk of unauthorised access even if credentials are compromised and strengthens the overall security posture.
70 INTELLIGENTCIO EUROPE www. intelligentcio. com