How Do I Adopt a 'Zero Trust' Framework? - Deepstash
How Do I Adopt a 'Zero Trust' Framework?

How Do I Adopt a 'Zero Trust' Framework?

Curated from: hackernoon.com

Ideas, facts & insights covering these topics:

7 ideas

·

338 reads

3

Explore the World's Best Ideas

Join today and uncover 100+ curated journeys from 50+ topics. Unlock access to our mobile app with extensive features.

Approach Cybersecurity with Zero Trust Strategies

Approach Cybersecurity with Zero Trust Strategies

  • According to a recent survey conducted by iSMG, 100% of the respondents said that Zero Trust is critical to reducing their cybersecurity risk.
  • 46% said Zero Trust is the most crucial security practice.
  • Another survey by Forrester showed that 78% of security executives plan to raise their use of Zero Trust in 2022.

However, there's an execution problem with Zero Trust.

  • Forrester's survey reports full deployment of Zero Trust at only 6%.
  • 30% said Zero Trust is in partial deployment or production,
  • and 63% are in assessment, strategy or pilot phases.

As a result, many are just planning, not executing.

13

85 reads

Understand the protection surface

It's normal to start risk assessment with attack surface analysis. For example, security professionals look at where the perimeter is, how someone might break in and what method they might use.

With Zero Trust, it is different. The highest value and highest risk users and assets are recommended starting from the data and applications. Consequently, the protective surface is smaller than the attack perimeter and easier to defend.

Prioritise what to protect based on what's critical, then move to the next set of protection surfaces on the priority list.

15

66 reads

Maximizing Visibility

Maximizing Visibility

You can't protect what you can't see. First complete visibility to understand how everything connects and behaves, which is the cause of security gaps or broken workflows.

Once they get complete visibility, they can understand what trust and enforcement policies they need. Then they implement Zero Trust around four enforcement points (identities, devices, networks, applications, and data).

14

41 reads

Building The New Boundary - Micro-segmentation

Data centres traditionally manage networks and surrounding environments by creating a "micro-boundary" in the data centre with a differential segment, meaning only pre-approved traffic flows can pass.

When building a Zero Trust Architecture, the principle is the same, but the network segment and boundary will be much smaller. Consequently, the micro-segmentation policy should be de-coupled from the existing network architecture and have the capability to scale at ease.

The allowed list is based on policy, not IP addresses.

13

38 reads

Aligning Identities

Identity is the foundation of Zero Trust security. It means knowing where all identities originate: user identities, service accounts, application sessions, ephemeral identities, and cloud assets.

Identity-based Zero Trust continually monitors every access request made by all users to any resource in the system. It ensures a thorough audit trail for compliance.

15

36 reads

Reducing Attack Surface

Reducing Attack Surface

Remote workers accessing your network increase the attack surfaces on a new scale. The security team should find ways to reduce the attack surface to minimize exposure.

Internally, a micro-segmentation approach gives a secure 1:1 connection to authorized resources.

We can also apply Zero Trust security outside the organization against external threats by:

  • proactively mapping your digital footprint,
  • monitoring communication channels for attack indicators,
  • rapidly mitigating identified threats (including patching).

15

37 reads

Cybersecurity vs. Cyber-Resilience

Zero Trust models include Google's BeyondCorp, Gartner's CARTA, NIST SP800–207, and ZTX by Forrester. They assume that being compromised is inevitable.

The key difference between Cybersecurity and Cyber-Resilience is the focus of response.

  • In cybersecurity, we have DR/ BCP to ensure organizations can continue operations quickly. Yet, cybersecurity still focus on preventive controls.
  • Achieving cyber-resilience is not the endgame. It is an endless journey. Organizations must prepare for the worst and identify vulnerabilities before adversaries.

14

35 reads

IDEAS CURATED BY

catherinma

Land/geomatics surveyor

CURATOR'S NOTE

With cybersecurity, the question is no longer only how to keep bad players out. Instead, the priority is how to recover as quickly as possible once an attack occurs.

Catherine Martin's ideas are part of this journey:

Metaverse

Learn more about cybersecurity with this collection

Find out the challenges it poses

Learn about the potential impact on society

Understanding the concept of Metaverse

Related collections

Read & Learn

20x Faster

without
deepstash

with
deepstash

with

deepstash

Personalized microlearning

100+ Learning Journeys

Access to 200,000+ ideas

Access to the mobile app

Unlimited idea saving

Unlimited history

Unlimited listening to ideas

Downloading & offline access

Supercharge your mind with one idea per day

Enter your email and spend 1 minute every day to learn something new.

Email

I agree to receive email updates