Cybersecurity teams continue to face ongoing challenges in safeguarding their networks. As exposure to cyberattacks grows, organizations are taking a more proactive approach to realizing “zero trust,” and the U.S. Department of Defense is among them.
The Pentagon recently announced a new zero-trust strategy that will be released in the coming days. The strategy broadens the Pentagon’s approach to zero trust, incorporating over a hundred activities organized under ‘pillars’ that include applications, automation, and analytics. Its aim is to keep critical data secure within high-risk environments.
Officials have set a five-year deadline to implement effective zero-trust controls. With the cyber capabilities of other nation states continuously improving and evolving, the U.S. is increasingly exposed to digital aggression. The United States is aiming to meet the cybersecurity challenge head-on by adopting the zero-trust “never trust, always verify” approach.
So, how can these strategies be implemented across the private and public sectors?
To realize zero trust’s full potential, the Federal Government must bring the full scope of its authority and resources to bear to ensure the protection and security of our national and economic assets. The policy of the U.S. administration sets the precedent for how organizations should work to prevent, detect, assess, and remediate cyber incidents.
Organizations can respond by aligning their current infrastructure with national cybersecurity initiatives through the following practices:
Use Tools Designed to Achieve Visibility Across On-Premises and Cloud Attack Surfaces
“Last year, the White House’s Executive Order 14028, ‘Improving the Nation’s Cybersecurity,’ recognized the need to adopt zero-trust models across federal agencies. I am excited to see our national administration continue to acknowledge the sophistication of the threat landscape and implement this new zero-trust strategy that bears the full scope of the Department of Defense (DoD)’s authority and resources in protecting and securing our data environment,” shares Jeannie Warner, director of product marketing at Exabeam.
“A compromise could come at any point within the ecosystem, and more often than not it will come from an adversary using valid credentials. It’s clear that ‘watching the watchers’ in security terms is important. This is where Threat Detection, Investigation, and Response (TDIR) capabilities should be focused, and why any security operations team needs to consider having visibility of their identity management, security log management, and other threat detection tools across their on-premises and cloud attack surfaces.”
Application and API Security
“The shortcoming in the current government strategies and directives related to Zero Trust is a complete absence of consideration for the applications that ride on the cloud and data center infrastructure that gets the majority of the ZT attention. In order to achieve Zero Trust, application security and API security can’t be left out of the equation,” shares Richard Bird, CSO of Traceable AI.
“Zero Trust without API security is simply not Zero Trust. If energy, dollars and effort to apply Zero Trust are entirely focused on the infrastructure and OS components of cloud, data center or hybrid deployment patterns, the bad actors will simply move their efforts to the attack surface that isn’t conditioned to Zero Trust. In every organization and agency on the planet, that attack surface is APIs and the applications they interact with.”
“The last several months of exploits and breaches around the world clearly show that the US government, while on the right track in driving organizations and agencies to move to the Zero Trust framework, is missing substantial direction to those same organizations as it relates to applications and APIs. The framework today overly relies on notions such as privileged access management to achieve some semblance of Zero Trust type control for applications, but this approach has proven to be woefully inadequate for user populations outside of the technology workers who access those applications.”
The Proper Authentication and Authorization of Access to Digital Assets
The key to defending an organization is to place no inherent trust in perimeter-based security systems. That’s why authorization is a critical aspect of zero-trust architecture. Authentication establishes that the user accessing a system is who they claim to be; authorization then determines, per request, which of those verified identities may perform which actions on which resources. Enforcing both at the point of access to critical infrastructure adds a layer of protection for critical assets that a compromised credential alone cannot bypass.
“In today’s world, you cannot put your trust in any static, perimeter-based security system,” Gal Helemsi, CTO and CPO of PlainID, shares. “The key to defending an organization from future cyberattacks is protecting the data and the applications, by ensuring that even if a bad actor (which can be a federal employee sometimes) has gained access credentials, they don’t have automatic access to any or all data.
Let’s face it, zero-trust is the only way to secure a modern, decentralized enterprise, in which data and applications are accessed from anywhere by employees, customers, and partners.”
Implement the ‘Right’ Tools for Your Environment
Zero trust denotes a set of cybersecurity paradigms that move defenses away from static, network-based perimeters and toward the users, assets, and resources themselves. Zero trust helps reduce security breaches by ensuring that every access request is authenticated and authorized before a user is granted access to a given resource. As a result, organizations rely on zero-trust architectures to define how users and entities connect to organizational and agency resources. In building out robust architectures, organizations can grant least-privilege access, so that each role and function receives only the permissions it actually needs.
With the rise of remote and hybrid working environments, it’s essential that organizations build zero-trust strategies and tools that closely align with their company’s infrastructure.
Justin McCarthy, Co-Founder and CTO of StrongDM, agrees that developing zero-trust strategies is an essential step towards mitigating cyber risk. He shares: “Zero Trust security believes that a breach will inevitably occur in addition to acknowledging that threats exist both inside and outside of the network. Because of this, it continuously scans for malicious behavior and restricts user access to what is necessary to complete the task. In addition, users (including potential bad actors) are prevented from navigating the network laterally and accessing any unrestricted data.
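The two passages above (per-request authorization in the section on authenticating digital assets, and least-privilege access in the paragraph on zero-trust architectures) describe a policy decision that is easy to show in code. The following is an added example written for this article; it is not code from the page or from any vendor quoted here. The role map, resource classifications, user names, and device-posture signals are constructed, hypothetical data. The point it demonstrates is that a valid credential is never sufficient on its own: each request is evaluated against the identity’s explicitly granted permissions, the sensitivity of the resource, MFA status, and device posture, and anything not explicitly allowed is denied.

```python
from __future__ import annotations

from dataclasses import dataclass
from typing import FrozenSet, Tuple

# --- Constructed sample data (hypothetical, for illustration only) ---
# Least privilege: a role lists only the (resource, action) pairs it needs.
# Anything not listed here is denied by default.
ROLE_PERMISSIONS = {
    "analyst": {("reports", "read")},
    "payroll-clerk": {("payroll", "read"), ("payroll", "write")},
}

# Data classification per resource. Unknown resources are treated as
# "restricted" so that a missing entry fails closed rather than open.
RESOURCE_SENSITIVITY = {"reports": "internal", "payroll": "restricted"}


@dataclass(frozen=True)
class Subject:
    """An authenticated identity: who the request comes from."""
    user: str
    roles: FrozenSet[str]
    mfa_verified: bool


@dataclass(frozen=True)
class DevicePosture:
    """Signals about the device the request originates from."""
    managed: bool      # enrolled in the organization's device management
    compliant: bool    # passes current patch / EDR / disk-encryption checks


def authorize(subject: Subject, device: DevicePosture,
              resource: str, action: str) -> Tuple[bool, str]:
    """Evaluate one request and return (allowed, reason).

    Role-based least privilege is checked first; device posture and MFA
    are then required in proportion to data sensitivity. A valid
    credential alone never grants access.
    """
    granted = any((resource, action) in ROLE_PERMISSIONS.get(role, set())
                  for role in subject.roles)
    if not granted:
        return False, f"{subject.user}: no role grants {action} on {resource}"

    sensitivity = RESOURCE_SENSITIVITY.get(resource, "restricted")

    if sensitivity in ("internal", "restricted") and not device.managed:
        return False, f"{subject.user}: unmanaged device"

    if sensitivity == "restricted":
        if not subject.mfa_verified:
            return False, f"{subject.user}: MFA required for restricted data"
        if not device.compliant:
            return False, f"{subject.user}: device out of compliance"

    return True, f"{subject.user}: {action} on {resource} permitted"


def demo() -> dict:
    """Run constructed scenarios and return the decision for each."""
    analyst = Subject("alice", frozenset({"analyst"}), mfa_verified=True)
    clerk = Subject("bob", frozenset({"payroll-clerk"}), mfa_verified=False)
    clerk_mfa = Subject("bob", frozenset({"payroll-clerk"}), mfa_verified=True)
    corp_laptop = DevicePosture(managed=True, compliant=True)
    unknown_host = DevicePosture(managed=False, compliant=False)
    stale_laptop = DevicePosture(managed=True, compliant=False)

    return {
        # normal work from a managed device
        "analyst_reports": authorize(analyst, corp_laptop, "reports", "read"),
        # same valid identity, but the session comes from an unmanaged host,
        # which is what a stolen password looks like: denied despite the grant
        "analyst_stolen_creds": authorize(analyst, unknown_host, "reports", "read"),
        # lateral movement attempt: the analyst role never grants payroll
        "analyst_payroll": authorize(analyst, corp_laptop, "payroll", "read"),
        # restricted data requires MFA even from a managed device
        "clerk_no_mfa": authorize(clerk, corp_laptop, "payroll", "write"),
        # restricted data also requires a compliant device
        "clerk_stale_device": authorize(clerk_mfa, stale_laptop, "payroll", "write"),
        # every signal satisfied
        "clerk_ok": authorize(clerk_mfa, corp_laptop, "payroll", "write"),
        # unknown resource: no role lists it, so default deny
        "clerk_unknown": authorize(clerk_mfa, corp_laptop, "hr-db", "read"),
    }


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:22s} {'ALLOW' if allowed else 'DENY':5s} {reason}")
```

The ordering of checks is deliberate: the cheap, explicit permission lookup runs first so that a request outside the role’s scope is rejected before any posture signal is consulted, and the posture requirements tighten as the data classification rises. In a real deployment the role map and posture signals would come from an identity provider and a device-management service rather than in-memory dictionaries, but the decision logic is the same.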
“Some may say that Zero Trust will hinder productivity, which could be the case if backend management processes and governance operations are granted manually. But it’s the opposite if you have the right tools to make it easy to grant access and audit access control. The result of Zero Trust architecture, especially when it comes to improving the nation’s cybersecurity is higher overall levels of security, easy accessibility, and reduced operational overhead.”
In addition, as companies move towards data-centric processes, the volume of personally identifiable information they hold is growing rapidly. Much of this data belongs to ordinary people, and increasingly it is stored in cloud-based systems, which widens the attack surface and adds security risk.
While cybersecurity is a complex issue, a direct route to limiting the damage of a successful attack is to place strong guardrails around sensitive data.
“Sensitive data compromise comes from cybercriminals using privileged credentials to access data repositories,” says Arti Raman, founder and CEO of Titaniam. “Traditional methods of data security such as encryption-at-rest fail to prevent data compromise because these controls cannot distinguish legitimate users from attackers with stolen credentials. One of the most effective solutions to eliminate data compromise and implement true zero trust for data is encryption-in-use or data-in-use encryption.
“Using data-in-use encryption ensures data and IP are encrypted and protected even when it is being actively utilized, neutralizing all possible data-related leverage that attackers could gain, and limiting the blast radius of cyberattacks. Encryption-in-use is one of the strongest and most effective guardrails that can be implemented toward zero-trust data security.”