The traditional model of security based on network perimeters, i.e., trusting everything inside the network perimeter and distrusting everything outside it, is no longer a viable way to protect networks. The emergence and rapid expansion of cloud services, remote work and mobile devices, together with the increasing sophistication of cybercriminals' tactics, have all contributed to erasing the defined boundary between what is inside a network and what is not. In this new threat environment, the adoption of Zero Trust Security has become a fundamental requirement for cyber defence. Today, Zero Trust Security is the guiding principle of cyber defence.
A Basic Introduction to Zero Trust
Zero Trust is based on a simple yet powerful principle: "Never Trust, Always Verify." In contrast to the traditional network security model, which assumes that attacks originate only from outside the network, Zero Trust takes the position that users, devices and applications can attack the network from within as well as from outside. Every time a user, device or application requests access to a network resource, each of the three must be verified, authenticated and authorised, and that verification is repeated continuously rather than granted once.
Zero Trust’s main principles include:
- Continuous identity verification
- Least-privilege access
- Micro-segmentation of the network
- Real-time monitoring and analytics
- Device- and context-aware security
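The principles above are easiest to see as a single access decision. The following is an added illustration, not code from the original article or from any vendor product: a toy policy decision point that evaluates every request on identity freshness, least-privilege role grants, device posture and resource sensitivity, and records each decision for monitoring. The role table, the sensitivity set, the 30-minute re-authentication window and the sample requests are all constructed for the example.

```python
"""Toy Zero Trust policy decision point (PDP), added as an illustration;
not code from the original article or any vendor product. Every request is
judged on identity freshness, role grants, device posture and resource
sensitivity; the source network is logged for context but grants no trust."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Constructed least-privilege table: which roles may reach which resources.
ROLE_PERMISSIONS = {
    "engineer": {"git", "ci"},
    "finance": {"ledger"},
    "admin": {"git", "ci", "ledger", "idp-admin"},
}
HIGH_SENSITIVITY = {"ledger", "idp-admin"}   # need MFA + managed, compliant device
REAUTH_WINDOW = timedelta(minutes=30)        # max age of last strong authentication
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # fixed clock for samples

@dataclass
class AccessRequest:
    user: str
    roles: set
    resource: str
    mfa_verified: bool
    last_auth: datetime
    device_managed: bool
    device_compliant: bool   # e.g. disk encrypted, patches current
    source_network: str      # "corp", "vpn" or "internet"; context only
    now: datetime

@dataclass
class Decision:
    allow: bool
    reasons: list = field(default_factory=list)

def evaluate(req: AccessRequest) -> Decision:
    """Evaluate one request; any failed check denies (default deny)."""
    reasons = []
    # Continuous identity verification: the last strong auth must be recent.
    if req.now - req.last_auth > REAUTH_WINDOW:
        reasons.append("authentication older than re-verification window")
    # Least privilege: some role must explicitly grant the resource.
    granted = set().union(*(ROLE_PERMISSIONS.get(r, set()) for r in req.roles))
    if req.resource not in granted:
        reasons.append(f"no role grants access to {req.resource}")
    # Device- and context-aware checks tighten with resource sensitivity.
    if req.resource in HIGH_SENSITIVITY:
        if not req.mfa_verified:
            reasons.append("MFA required for high-sensitivity resource")
        if not (req.device_managed and req.device_compliant):
            reasons.append("managed, compliant device required")
    elif not req.device_compliant:
        reasons.append("device fails compliance baseline")
    # Deliberately no branch on req.source_network: being inside the
    # corporate network is not a credential.
    return Decision(allow=not reasons, reasons=reasons)

def audit_record(name: str, req: AccessRequest, decision: Decision) -> dict:
    """Structured event for the monitoring pipeline, one per decision."""
    return {"request": name, "user": req.user, "resource": req.resource,
            "source_network": req.source_network,
            "allow": decision.allow, "reasons": decision.reasons}

def sample_requests() -> dict:
    """Constructed requests, one for each principle the article lists."""
    fresh = NOW - timedelta(minutes=5)
    stale = NOW - timedelta(hours=3)
    return {
        # Engineer on a compliant managed laptop over VPN asking for git.
        "engineer_git_ok": AccessRequest(
            "alice", {"engineer"}, "git", True, fresh, True, True, "vpn", NOW),
        # Same engineer asking for the finance ledger: no role grants it.
        "engineer_ledger_denied": AccessRequest(
            "alice", {"engineer"}, "ledger", True, fresh, True, True, "corp", NOW),
        # Finance user in the office but on an unmanaged BYOD device.
        "finance_byod_denied": AccessRequest(
            "bob", {"finance"}, "ledger", True, fresh, False, False, "corp", NOW),
        # Admin whose last strong authentication is three hours old.
        "admin_stale_auth_denied": AccessRequest(
            "carol", {"admin"}, "idp-admin", True, stale, True, True, "corp", NOW),
    }

def evaluate_samples() -> dict:
    """Run every sample through the PDP; returns name -> Decision."""
    return {name: evaluate(req) for name, req in sample_requests().items()}

if __name__ == "__main__":
    reqs = sample_requests()
    for name, decision in evaluate_samples().items():
        print(audit_record(name, reqs[name], decision))
```

Two design points carry the Zero Trust message. First, the evaluator never branches on the source network, so a request from the office LAN is judged exactly like one from the internet; the "finance_byod_denied" sample is refused in the office because the device, not the location, fails the check. Second, every denial carries its reasons, which is what makes the real-time monitoring principle actionable: the audit record tells the analyst whether a stale session, a missing grant or a non-compliant device caused the decision.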
Why Traditional Security Models Don’t Work
Perimeter-based security was designed for an age in which most employees worked from offices, most applications resided in the data centre and most devices were managed centrally. That world no longer exists.
Some of the new issues that exist today are:
- A remote and hybrid workforce
- Cloud/SaaS-based infrastructure (essentially operating on the internet)
- Employee-owned devices (BYOD)
- Insider threats (attacks from within the organisation) and theft of credentials
- Advanced persistent threat (APT) attacks
Once an attacker has penetrated the traditional perimeter, they typically enjoy broad lateral access to many systems within the organisation. Zero Trust eliminates this "trusted once inside" model.
The Rapid Emergence of the Concept of Zero Trust in Today's Cybersecurity Environment
Numerous recent high-profile data breaches have shown that most intruders do not break in by brute force. Instead, almost all use weak credentials, insecure configurations or compromised endpoints as their entry points into networks. Zero Trust is designed precisely to protect against these kinds of attacks.
Zero Trust is now both a government and an organisational requirement. Reasons for implementing a Zero Trust strategy include:
- Reducing the impact of breaches on large organisations.
- Regulatory agencies imposing stricter controls on who may access the networks they oversee.
- Cloud vendors designing their services around the principles of Zero Trust.
- Governments beginning to require all organisations to implement a Zero Trust cybersecurity strategy.
Zero Trust limits the damage potential of any cyberattack by limiting, segmenting, and continuously verifying access.
Essential Advantages of Using a Zero Trust Framework
- A smaller attack surface: micro-segmentation makes it harder for an attacker to move around if one component is compromised.
- Improved visibility and control: continuous monitoring gives organisations timely feedback on end-user and system activity.
- Increased security through an identity-based approach: the new security perimeter is the user's identity, strengthened by Multi-Factor Authentication (MFA).
- Increased security for cloud and remote workers: Zero Trust is built to protect a dispersed workforce.
- Improved compliance and risk management: fine-grained access control helps organisations meet compliance and audit obligations.
Challenges in Implementing Zero Trust
Although Zero Trust offers many advantages, it is neither a one-size-fits-all solution nor an instant fix. The most common challenges when implementing Zero Trust include:
- Legacy systems that were never intended to work within a Zero Trust framework
- Challenges with integrating numerous different tools and platforms
- A cultural preference for less stringent access controls
- The initial expense and logistical reorganisation of existing networks
Each of the above challenges is a transitional hurdle on the path to Zero Trust; however, the cost incurred by organisations that do not implement Zero Trust (in breach incidents, downtime and reputational damage) will far exceed the cost of implementing it.
Future of Cyber Defence
Cyber security has evolved over time, moving away from static protective measures towards a more agile approach that uses advanced technology to strengthen defences. Zero Trust is an example of how these newer security models can work together to be more effective.
Against the rising volume of cyber attacks driven by artificial intelligence and the explosion of digital ecosystems, traditional cyber security defences will not hold; a comprehensive defence needs a contextual, ongoing validation methodology. Zero Trust provides the architectural framework to deliver it.