April 13, 2022//Isa Jones
Last Updated: April 18, 2022The word is already making the rounds in analyst meetings, white papers, and slide decks: cybersecurity mesh. Is it new software? Or a new attack vector? Or something else entirely? The fact is that cybersecurity mesh architecture is a concept all organizations need to be paying attention to and utilizing in their own cybersecurity strategies.
Cybersecurity mesh architecture is a security strategy that is achieved "by designing and implementing an IT security infrastructure that is not focused on building a single ‘perimeter’, but instead by creating a smaller individual perimeter around each access point,” according to Gartner.
What this means, in more general terms, is ditching the old “castle-and-moat” methods and instead focusing on critical access points and assets, making sure each individual point is protected from a potential breach.
Yes, absolutely. As recent hacks have shown, hackers are no longer targeting external points of an organization, but instead finding a way in through access points, and then moving laterally to breach an organization’s most valued data, assets, or systems. Individual access points are becoming a hot target for hackers, and third-party access points remain an organization’s most vulnerable point. Third parties are becoming more and more frequent, especially in industries like critical infrastructure, healthcare, and manufacturing.
According to Gartner, by 2023 organizations who adopt cybersecurity mesh will reduce the financial impact of individual security incidents by an average of 90%. It makes sense — if a bad actor breaches a system, but every internal access point is protected, they have nowhere to go. The attack surface area drops to zero.
Access is everything when it comes to this strategy. Here are some steps an organization can follow to start securing their critical access points and building a more connected and more advanced cybersecurity infrastructure with cybersecurity mesh: