New guidance on Zero Trust Architecture (ZTA) is a fitting response to the current cybersecurity landscape. On August 11, 2020, the National Institute of Standards and Technology (NIST) released SP 800-207, Zero Trust Architecture (SP 800-207).
On June 25, 2020, the Ontario and British Columbia Information and Privacy Commissioners just shared the results of their joint investigation regarding a serious breach that took place in 2019 – the findings revealed that LifeLabs, Canada’s largest provider of general health diagnostic and specialty laboratory testing services, failed to protect the personal health information of millions of Canadians.
Cyber attacks were a serious risk even before the COVID-19 pandemic. As many organizations have instituted work-from-home procedures, the risk is elevated. The increase of non-standard communications, the use of new and untested remote working arrangements and a heightened level of stress and anxiety all create new vulnerabilities for threat actors to take advantage of. Incorrectly addressed emails, theft of company devices and a massive increase in remote connections all increase the risk of a successful cyber attack.