SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Why zero trust must form a key pillar of any cybersecurity strategy
Wed, 16th Jun 2021

Zero trust has emerged as the network protection approach of choice because it reduces the risk of unauthorised network access by not trusting any device or user without verifying them. It has become even more essential as organisations have pivoted to distributed work. With devices connecting to the corporate network from remote locations, zero trust access can provide the visibility and control required to prevent these devices from becoming weapons of attack.

Cyber-attacks are getting stealthier and more devastating, and they're targeting more aspects of the corporate network, including operational technology (OT). OT is the technology that controls and monitors physical processes, infrastructure, and devices. It underpins critical infrastructure, including ports, manufacturing, energy production, and more. This makes it a desirable target for malicious actors and raises the stakes for the teams charged with protecting it. Zero trust access is the way forward.

Just like a house with all the doors and windows locked, zero trust lets no one in unless they're authorised and verified. It also goes further than that by not giving the person unlimited access once they're in the house; they must reconfirm their identity and authorisation at each internal door. This approach aims to stop malicious actors from entering the network in the first place and, if they do gain access, it makes it harder for them to roam around the network at will.

It's important to bolster a zero trust approach with behaviour monitoring that benchmarks what is normal for each user, so that a flag can be raised if the user starts behaving differently, as this could indicate a compromise. This requires the security ecosystem to be scalable and integrated so that there are no blind spots or weak links in the security chain.

Zero trust means giving users the minimum level of access required for them to do their job. This way, they see the parts of the network they need and nothing else. Then, if their identity is compromised, it can't be used to access more sensitive parts of the network. Multi-factor authentication (MFA) is a crucial tool to help control this and can help form the basis for network behaviour analytics, which can protect the network from attack.

With workforces now geographically dispersed, it's no longer possible to extend trust to users based on their location; they're simply not in the office and behind the corporate firewall. The traditional approach to this challenge is the virtual private network (VPN), which is a tunnel into the corporate network. Once a person has passed those perimeter controls, the VPN approach assumes they can be trusted throughout the network when, in fact, this can be a recipe for disaster. Zero trust access prevents this by granting access to individual applications session by session.

Zero trust doesn't stop people from accessing the systems and data they need to do their jobs. Instead, it streamlines that access while strengthening security protections. For this reason, it should form an essential pillar of any cybersecurity strategy.