drj logo

"*" indicates required fields

Name*
Region*
Please enter a number from 0 to 100.
Strength indicator
I agree to the Terms of Service and Privacy Policy*
Yes, of course I want to receive emails from DRJ!
This field is for validation purposes and should be left unchanged.

Already have an account? Log in

drj logo

Welcome to DRJ

Already registered user? Please login here

Login Form

Register
Forgot password? Click here to reset

Create new account
(it's completely free). Subscribe

x
DRJ Fall 2025 Dallas Show
Skip to content
Disaster Recovery Journal
  • EN ESPAÑOL
  • SIGN IN
  • SUBSCRIBE
  • THE JOURNAL
    • Why Subscribe to DRJ
    • Digital Edition
    • Article Submission
    • DRJ Annual Resource Directories
    • Article Archives
    • Career Spotlight
  • EVENTS
    • DRJ Fall 2025
    • DRJ Spring 2025
    • DRJ Scholarship
    • Other Industry Events
    • Schedule & Archive
    • Send Your Feedback
  • WEBINARS
    • Upcoming Webinars
    • On Demand
  • MENTOR PROGRAM
  • DRJ ACADEMY
    • DRJ Academy
    • Beginner’s Guide to BC
  • RESOURCES
    • New to Business Continuity?
    • White Papers
    • DR Rules and Regs
    • Planning Groups
    • Business Resilience Decoded
    • DRJ Glossary of Business Continuity Terms
    • Careers
  • ABOUT
    • Advertise with DRJ
    • DEI
    • Board and Committees
      • Executive Council Members
      • Editorial Advisory Board
      • Career Development Committee
      • Glossary Committee
      • Rules and Regulations Committee
  • Podcast

Learning To Trust Less

by Jon Seals | February 7, 2020 | | 0 comments

We clearly have a problem when it comes to cybercrime — admitting that is half the battle

By Justin Augat 

iland VP of Product Marketing 

Last year, cybercrime incidents involving ransomware, viruses, trojans, and phishing incidents increased across the board, not just in terms of frequency, but also impact, duration, and sophistication. These attacks were launched on  businesses of all sizes in what has been called “the worst year on record” for data breaches. 

Recent data from Accenture shows that, over the last five years, the number of security breaches rose 67 percent and the cost of cybercrime has gone up 72 percent. Juniper Research found that cybercrime has already produced $2 trillion in damages and it estimates that number will reach $6 trillion by 2021.

They say the first step to resolving a problem is admitting it exists.

Cybercrime is a major problem. There, now that’s out of the way. 

Admitting the imminent threat of cybercrime will make for many a difficult conversation between customers and IT professionals this year. Whether you alone are responsible for your company’s data or you enlist the help of cloud service provider (CSP), understanding data security is no longer a luxury, but a necessity. Otherwise, you are putting yourself or your company at risk. 

Never trust, always verify 

Now for the good news: As organizations begin to take data security more seriously, including spending more on security and developing more advanced and focused strategies, our capabilities to defend against cybercrime are greatly improving.

One such strategy is called “Zero Trust,” which incorporates technology, services, people, and processes into a cohesive approach that includes multiple layers of defense. 

Developed by Forrester Research a decade ago, the Zero Trust security model can be summed up as “never trust, always verify.” In other words, whether a connection to a system or data is attempted from inside or outside the organization’s network, no access is granted without verification. Zero Trust is necessary because traditional network security can no longer keep data safe from today’s advanced threats.

How to have “Zero Trust” 

When it comes to keeping your company’s data secure, it’s okay to have trust issues. 

Let’s start with this analogy: If you enter your house through the front door, you expect to have access to all the rooms inside. In a Zero Trust world, you would not necessarily have access to all rooms automatically. In fact, you may not be able to go beyond your entryway without further permission.

To achieve the level of security necessary for Zero Trust, I recommend starting with a look at your physical security as your first layer of defense.   Physical data centers, whether on-premises or in the cloud, represent the epicenter of customer data and should be treated as such when guarding against cyber theft. Every data center should receive equal priority and attention with consistent security standards across all physical assets. This includes active monitoring, controlled access to all facilities via an approved access list, and secure environmental elements such as power, cooling, and fire suppression.  

Every security measure should be applied logically across every layer of technical configurations and software to create a secure and stable foundation.   Logical security approaches should be applied at the network, storage, and hypervisor layers; and you or your CSP should provide as much security as possible throughout each layer.  

Check with your CSP to ensure they can properly manage your logical security. This also means making sure you have trained and experienced people protecting your data who understand how to work within the established controls to secure the various systems.  Request employee background checks, security and compliance training, regular access reviews, annual penetration testing against your infrastructure, as well as regular patching schedules for all systems.  

You can also confirm those resources through third-party validations.  Even the most secure organizations can benefit from an additional review. You or your CSP should consider adhering to some of the following frameworks and standards: HIPAA, HITRUST, SSAE16, ITIL, GDPR, CSA STAR, CJIS, and more. 

2020 and beyond 

The IT industry puts a lot of time and energy into prognostication each New Year. In that spirit, let’s try this prediction on for size — cybercrime will only continue to increase in number, impact, and sophistication in 2020. Sure, that’s not exactly going out on a limb, but acknowledging it is the first step toward being prepared. 

Between the huge risk associated external security threats (ransomware, malware, etc.) to the countless examples of malicious insiders taking advantage of valid credentials to do damage within companies, you can see why customers are pursuing Zero Trust strategies. 

Learning to be a little less trusting with a Zero Trust strategy can eliminate many of the vulnerabilities that are left behind by technology implementations alone. So, when disaster does strike in the form of a cyberattack, we aren’t helpless.

Related Content

  1. Resilience Unleashed: Lessons Learned From Ransomware Disasters
  2. Disaster Recovery Journal
    White Papers
  3. Disaster Recovery Journal
    Exhibitors Guide

Recent Posts

SecurityBridge Teams Up With Microsoft To Enhance SAP Security With Microsoft Sentinel

May 13, 2025

Backblaze Drive Stats for Q1 2025

May 13, 2025

Sectigo and Altron Security Announce Strategic Channel Partnership to Enhance Certificate Lifecycle Management in South Africa

May 13, 2025

Asigra Unveils SaaSAssure 2025 Featuring Granular Restore and Autodiscovery for Key Business Apps

May 13, 2025

STACK Infrastructure Closes $1.4 Billion in Green Financing to Support its Growing Portfolio of Stabilized Hyperscale Assets

May 13, 2025

Stackpack Raises $6.3M to Solve the $475B Vendor Chaos Problem

May 13, 2025

Archives

  • May 2025 (32)
  • April 2025 (91)
  • March 2025 (57)
  • February 2025 (47)
  • January 2025 (73)
  • December 2024 (82)
  • November 2024 (41)
  • October 2024 (87)
  • September 2024 (61)
  • August 2024 (65)
  • July 2024 (48)
  • June 2024 (55)
  • May 2024 (70)
  • April 2024 (79)
  • March 2024 (65)
  • February 2024 (73)
  • January 2024 (66)
  • December 2023 (49)
  • November 2023 (80)
  • October 2023 (67)
  • September 2023 (53)
  • August 2023 (72)
  • July 2023 (45)
  • June 2023 (61)
  • May 2023 (50)
  • April 2023 (60)
  • March 2023 (69)
  • February 2023 (54)
  • January 2023 (71)
  • December 2022 (54)
  • November 2022 (59)
  • October 2022 (66)
  • September 2022 (72)
  • August 2022 (65)
  • July 2022 (66)
  • June 2022 (53)
  • May 2022 (55)
  • April 2022 (60)
  • March 2022 (65)
  • February 2022 (50)
  • January 2022 (46)
  • December 2021 (39)
  • November 2021 (38)
  • October 2021 (39)
  • September 2021 (50)
  • August 2021 (77)
  • July 2021 (63)
  • June 2021 (42)
  • May 2021 (43)
  • April 2021 (50)
  • March 2021 (60)
  • February 2021 (16)
  • January 2021 (554)
  • December 2020 (30)
  • November 2020 (35)
  • October 2020 (48)
  • September 2020 (57)
  • August 2020 (52)
  • July 2020 (40)
  • June 2020 (72)
  • May 2020 (46)
  • April 2020 (59)
  • March 2020 (46)
  • February 2020 (28)
  • January 2020 (36)
  • December 2019 (22)
  • November 2019 (11)
  • October 2019 (36)
  • September 2019 (44)
  • August 2019 (77)
  • July 2019 (117)
  • June 2019 (106)
  • May 2019 (49)
  • April 2019 (47)
  • March 2019 (24)
  • February 2019 (37)
  • January 2019 (12)
  • ARTICLES & NEWS

    • Business Continuity
    • Disaster Recovery
    • Crisis Management & Communications
    • Risk Management
    • Article Archives
    • Industry News

    THE JOURNAL

    • Digital Edition
    • Advertising & Media Kit
    • Submit an Article
    • Career Spotlight

    RESOURCES

    • White Papers
    • Rules & Regulations
    • FAQs
    • Glossary of Terms
    • Industry Groups
    • Business & Resource Directory
    • Business Resilience Decoded
    • Careers

    EVENTS

    • Fall 2025
    • Spring 2025

    WEBINARS

    • Watch Now
    • Upcoming

    CONTACT

    • Article Submission
    • Media Kit
    • Contact Us

    ABOUT DRJ

    Disaster Recovery Journal is the industry’s largest resource for business continuity, disaster recovery, crisis management, and risk management, reaching a global network of more than 138,000 professionals. Offering weekly webinars, the latest industry news, rules and regulations, podcasts, the industry’s only official mentoring program, a quarterly magazine, and two annual live conferences, DRJ is leading the way to keep professionals up-to-date and connected in an ever-changing world.

    LEARN MORE

    LINKEDIN AND TWITTER

    Disaster Recovery Journal is the leading publication/event covering business continuity/disaster recovery.

    Follow us for daily updates

    LinkedIn

    @drjournal

    Newsletter

    The Journal, right in your inbox.

    Be informed and stay connected by getting the latest in news, events, webinars and whitepapers on Business Continuity and Disaster Recovery.

    Subscribe Now
    Copyright 2025 Disaster Recovery Journal
    • Terms of Use
    • Privacy Policy