Most companies work diligently to fortify their network perimeter, implementing the latest in hardened routers, next generation firewalls, and intrusion detection/prevention systems. However, they dilute a lot of their own security efforts by standing up websites, home banking systems, or ERP/ERM systems that provide access to other networks and computers behind the firewall. This can create the ability for an attacker to infiltrate. So why do they do this? Often it’s because “it’s the way it’s always been done”. However, as Bob Dylan sang, “The times they are a-changin…”
The Move Towards Zero Trust
Attackers are becoming more brazen and relentless and the tools they are using are more refined. As a result, companies are employing more sophisticated tools and practices themselves to combat infiltration and ensure that they do not suffer a breach. This includes more stringent access controls.
To that end, organizations in a variety of industries have been adopting micro-segmentation of networks into protected zones. This creates insulation, so if one network becomes infected or breached, the other networks remain secure since there is no connection among the segmented networks.
Other businesses are taking it a step further by making the move to a “zero trust” model. A zero-trust network does not trust any user or IP address when it attempts to connect to a selected network. In other words, all users are considered a threat, regardless of source.
Zero-Trust security leverages:
- Least-privilege access
- Multi-factor authentication
- Network micro-segmentation
In a way, it is an attempt to force cyber hygiene habits on users who might not always use best practices. The multifactor authentication, for example, helps protect against compromised credentials, which is a leading cyberattack vector.
Zero Trust's Expanded Reach
Zero Trust is not a new concept and has long been a part of many businesses’ compliance models. However its appeal has expanded beyond enterprise regulatory requirements to a more industry agnostic demand.
Top Industries accelerating their Zero Trust Plans:
- Technology
- Retail
- Financial Services
- Manufacturing
The guilty-until-proven-innocent model has gained popularity in the wake of increasingly sophisticated cyberattacks and the proliferation of remote work. According to Microsoft, 51% of businesses leaders say they are speeding up Zero Trust deployment in their post-pandemic security planning.
While some say Zero Trust is well on its way to becoming the industry standard, it is not without its roadblocks. The rush for connectivity during early digital transformation has left many systems and architectures unable to support Zero Trust requirements. It remains to be seen whether organizations with these challenges are both willing and able to tackle them in the name of increased security.
Additional Considerations
Zero Trust is an effective methodology for controlling access, but it cannot protect networks alone. When implementing Zero Trust it is important to consider the following as well:
- Access controls aren’t enough – Access controls are a moot point if assets are already at risk. It’s important to implement asset protection measures, including vulnerability and patch management best practices.
- Understand your protect surface – Be sure you understand all of the devices and users accessing your network as well as the assets they will be accessing. It is also critical to map and understand interdependencies within your network before implementing additional access controls.
- There is no finish line – Maintaining a Zero Trust model, like most elements of cybersecurity, will be an ongoing endeavor. Be sure you are consistently reviewing logs, monitoring and testing to ensure your security measures are keeping pace with constant system changes.
Related Resources
About Digital Defense
Our Frontline.Cloud SaaS platform supports Frontline Vulnerability Manager™, Frontline Web Application Scanning™, and Frontline Active Threat Sweep™ that together provide:
- Asset discovery and tracking
- OS and web application risk assessment
- Targeted malware threat assessment
- Machine learning features that leverage threat intelligence
- Agentless & agent-based scanning
- Penetration testing for networks, mobile applications, and web applications
- Compliance management. One of the world’s longest tenured PCI-Approved Scanning Vendors
The Frontline.Cloud platform virtually eliminates false-positives associated with legacy vulnerability management solutions, while also automating the tracking of dynamic and transient assets and prioritizing results based on business criticality. Learn more.