A business interruption is any unexpected event that halts an organization’s operations. In the ever-increasing competitive pressure of today’s business environment, such interruptions can prove disastrous for any company. That’s because they lead to a virtually limitless list of negative repercussions. Business interruptions can disrupt customer service, break down sales processes, create long-term brand damage, slow public relations activities, erode consumer trust, and more.

As such, organizations go to great lengths to assess the potential risk and damage of business interruptions. Downtime frequency and average downtime duration are common metrics used to do so. The cost of downtime is also assessed by calculating the overall financial impact of variables like lost sales, wasted labor costs, and more. Rather than merely anticipating downtime’s effects or responding after business interruptions occur, however, organizations need to be proactive.

In other words, organizations need to be resilient and prevent business interruptions from happening in the first place. To that end, cybersecurity is a crucial part of the conversation.

Two challenges to business continuity

For our security-oriented purposes here, there are essentially two primary categories of issues that can disrupt business operations.

Cyberattacks

Cyberattacks are constantly increasing in both sophistication and prevalence, and when one succeeds, plenty can go wrong. This is particularly true of ransomware, which is designed to lock down enterprise data and devices through encryption, grind productivity to a halt, and pressure victims to pay a ransom for decryption. With double-extortion ransomware, cybercriminals also steal data and threaten to leak it if a ransom isn’t paid, applying even more pressure. Countless smaller schemes can add up to waste significant sums of time and money as well, such as when malicious actors secretly siphon off IT resources to perform cryptomining.

Regardless of the specific breed of the threat, when a breach occurs, some level of business interruption occurs with it. For example, beyond the debilitating lockdown effects of many threats, there are also issues with data privacy law noncompliance, prolonged legal battles, and breach detection and remediation efforts—not to mention customer churn. All of these disrupt operations, require employee time to address, and waste money through fines, fees, and increased overhead.

Consider a case from 2017, in which a global shipping giant suffered a NotPetya ransomware attack. The breach locked down operations and disrupted productivity for two weeks, ultimately costing the company over US$300 million. Since then, threats have become even more common, automated, sophisticated, and effective, unleashing chaos on modern organizations at an unprecedented scale. (You can read more about today’s threats in the ThreatLabz 2024 Ransomware Report).

Poor security solution resilience

The second type of business interruption pertaining to cybersecurity has to do with the performance of security solutions themselves. In particular, the reliability of inline security solutions like proxies is paramount. That’s because they are built to intermediate organizations’ traffic in real time. They sit in the flow of traffic, enforce inline security policies, and forward said traffic to where it needs to go. If something were to go wrong with such a solution (e.g., slow performance or a complete outage), it could have a dramatic effect on enterprise productivity, wasting both time and money.

This challenge is even more noteworthy in our cloud-first world. IT tools and resources are increasingly hosted off-premises in the cloud, rather than in their traditional on-premises location, where admins can put their hands on hardware and more directly control their tools and remediation processes. As such, security teams need to know that they can trust their security vendors and that their services provide the necessary performance, reliability, and functionality to ensure uninterrupted business continuity.

Zero trust architecture

Zero trust is the solution to both of the aforementioned categories of business interruption. So, then, what is zero trust?

Zero trust is a unique architecture, delivered via proxy, that cannot be replicated with network-centric tools like firewalls and VPNs. Rather than taking a castle-and-moat approach to security that focuses on securing access to the network as a whole, zero trust is based on the principle of least-privileged access, which states that authorized users should only be granted access to the resource they need, at the moment they need it, and nothing more. This access is governed by context and risk rather than identity alone because identities can be stolen.

In other words, users and other entities (like cloud workloads) are securely connected directly to applications in a one-to-one fashion—not to the network. This is accomplished through a global security cloud that serves as an intelligent switchboard and delivers zero trust connectivity as a service (along with a plethora of other data and threat protection functionality). So, instead of backhauling traffic to your data center for network-centric security rife with excessive permissions, zero trust is delivered at the edge—as close to the end user as possible.

Cyber resilience with zero trust

Because of its unique functionality, zero trust can minimize cyber risk, stop data breaches, and prevent the associated business interruptions. It enhances cyber resilience in four key ways:

Zero trust minimizes the attack surface. Tools like firewalls have public IP addresses that cybercriminals can find and exploit on the web, enabling risky inbound connections to your environment. Zero trust uses inside-out connections to eliminate these public IPs. When a user attempts app access, a connector that sits in front of the app reaches out to the zero trust cloud, which then stitches the connection together. This effectively hides IT resources from attackers.

Zero trust stops compromise. 87.2% of threats now hide in encrypted traffic. But inspecting and securing this traffic requires a high degree of performance that firewalls struggle to provide. That’s because, whether they are rolled out as hardware or as virtual appliances, firewalls have fixed capacities to scale. In contrast, zero trust is delivered through a global, high-performance cloud with the scalability needed to inspect encrypted traffic and stop the threats therein.

Zero trust prevents lateral threat movement. As mentioned earlier, network-centric tools like VPNs give users excessive permissions. They extend “secure” access to the network, but this allows threats to traverse that network and access its connected resources, enabling larger breaches. Zero trust decouples security and connectivity from the network through direct-to-app access. Instead of connecting anyone to a network where they can move laterally, zero trust connects them only to authorized apps.

Zero trust blocks data loss. Preventing malicious and accidental data leakage requires inspecting encrypted traffic. That’s because more than 95% of today’s web traffic is encrypted. Again, traditional appliance-based tools struggle to inspect this traffic at scale, but a highly scalable zero trust cloud can inspect it and protect data within it. Additionally, as part of securing any-to-any connectivity, a zero trust platform can secure modern data leakage paths that conventional tools cannot, such as SaaS apps.

Operational resilience with zero trust

Zero trust is an inline architecture delivered as a service from a security cloud. As such, zero trust offerings must avoid service disruptions and ensure that they maintain business continuity for their customers. Fortunately, a leading zero trust platform can meet the three key criteria to accomplish this.

1. A purpose-built, resilient cloud

A zero trust vendor’s cloud must be built from the very beginning to be resilient. That means that it is global and multitenant (see more about that here), and that it boasts the capacity, availability, and performance required to give customers of all sizes (and in all locations) the experiences that they need for their businesses to stay secure and productive. Similarly, the cloud itself needs to be secure by design so that the underlying infrastructure cannot be compromised by cybercriminals (which could lead to cyber risk and business disruption for customers).

2. Resilient cloud lifecycle management

The zero trust vendor must constantly perform their due diligence to ensure customers can avoid business interruption even as changes are implemented to the zero trust cloud. To that end, software development and Q&A, cloud deployments and upgrades, incident management, and 24/7 cloud monitoring must all prioritize resilience.

3. Solutions for all failure scenarios

Beyond solving the minor failures that often go unnoticed, a zero trust cloud must also be able to solve brownouts, blackouts, and catastrophic failures, no matter how rare they may be. Only then can customers maintain business continuity around the clock and despite any unusual contingency.

Brownouts include connectivity-related issues that affect the flow of traffic through the zero trust cloud and to its destination. Naturally, this can slow down (or perhaps halt) user productivity and cybersecurity. When such issues occur, the zero trust platform needs to intelligently identify the problem and route traffic through the next best path to avoid both business and security disruption. Platforms with built-in digital experience monitoring provide extra help for addressing these issues.

Blackouts are more debilitating than brownouts. Consider a scenario in which one of a vendor’s data centers or points of presence (PoPs) stops functioning properly and becomes unable to provide services to customers. During such a blackout, the vendor’s offering must automatically failover to a different nearby data center—customer traffic needs to flow through the next PoP closest to them.

Catastrophic failures involve all of a vendor’s data centers—and thus their entire cloud—going offline. These incredibly rare, cloud-wide failures may occur due to events like natural disasters and nation-state attacks. In the event of such circumstances, the platform needs to fail over not to a different PoP (since they are all offline), but to a separate private cloud or a virtual machine hosted in the customer’s cloud or data center.

The Zscaler Zero Trust Exchange

Zscaler is the original pioneer and continued innovator in zero trust architecture. Our Zero Trust Exchange platform boasts the ever-increasing sophistication needed to stop threats and deliver unparalleled cloud resilience, ensuring uninterrupted business continuity. We check all the boxes described throughout this blog.

To learn more about the power of our threat prevention, take a look at the “AAA” result we received in this CyberRatings SSE Report.

To learn more about the resilience of our purpose-built cloud, watch this webinar about our business continuity solutions.

If you’re new to zero trust architecture and want an introduction to the topic, sign up for part one of our three-part webinar series, Zero Trust, from Theory to Practice.
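
The brownout, blackout and catastrophic-failure behaviour described under "Solutions for all failure scenarios" can be written as one path-selection routine in which every outcome is still an inspecting enforcement point. This is an added example, not Zscaler code; the `PoP` fields, the thresholds, the sample PoPs and the `private-fallback` name are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Tuple

# Assumed degradation thresholds (illustrative, not vendor values).
MAX_LATENCY_MS = 150.0
MAX_LOSS_PCT = 2.0


@dataclass(frozen=True)
class PoP:
    name: str
    distance_km: float        # distance from the user's location
    up: bool                  # False: the PoP answers no health probes
    latency_ms: float = 0.0   # probe round-trip time through this PoP
    loss_pct: float = 0.0     # probe packet loss through this PoP

    @property
    def healthy(self) -> bool:
        return (self.up and self.latency_ms <= MAX_LATENCY_MS
                and self.loss_pct <= MAX_LOSS_PCT)


def select_path(pops: List[PoP], private_fallback: str) -> Tuple[str, str]:
    """Return (scenario, enforcement point) for one user's traffic.

    Every branch returns a policy-enforcing hop. There is no branch that
    sends traffic direct and uninspected, so failover never drops security.
    """
    if not pops:
        raise ValueError("no PoPs configured")
    by_distance = sorted(pops, key=lambda p: p.distance_km)
    primary = by_distance[0]
    live = [p for p in by_distance if p.up]

    # Catastrophic failure: every PoP is offline, so another PoP is not an
    # option; use the separate private cloud / customer-hosted VM.
    if not live:
        return "catastrophic", private_fallback

    # Blackout: the nearest PoP is down; use the next closest live PoP.
    if not primary.up:
        return "blackout", live[0].name

    if primary.healthy:
        return "normal", primary.name

    # Brownout: the nearest PoP is up but degraded; take the next best path.
    # Prefer healthy PoPs; if none is healthy, take the least-degraded one.
    candidates = [p for p in live if p.healthy] or live
    best = min(candidates, key=lambda p: (p.latency_ms, p.loss_pct))
    return "brownout", best.name


# Constructed sample data: three PoPs at increasing distance from the user.
SAMPLE_POPS = [
    PoP("pop-a", 20, True, 35.0, 0.1),
    PoP("pop-b", 180, True, 48.0, 0.0),
    PoP("pop-c", 900, True, 95.0, 0.2),
]

if __name__ == "__main__":
    print(select_path(SAMPLE_POPS, "private-fallback"))
```
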