Quantum technology and the potential of Zero Trust

            Quantum Day or “Q-Day,” while 5-10 years out, is coming faster than we would like and it represents the
            day that quantum computers will reliably use the superpositioning power of qubits (i.e., information bits
            that can assume multiple states at once) to compute the codes needed to break asymmetric encryptions.
            With that said, the arrival of Q-Day may rely on Zero Trust strategies as nations work to prepare for the
            cyber risks that will inevitably accompany these computing advancements. We can no longer have this
            ‘castle-and-moat’ mindset, where we are hyper-focused on defending the perimeter, believing everybody
            and everything already inside our network belongs there. We must assume that the bad guys are already
            inside, accessing our data, and using “collect now, decrypt later” strategies.

            Zero Trust teaches us important security concepts and ideas, such as:



               ●  “Never trust, always verify”

               ●  A "you've been breached" mentality

               ●  The replacement of traditional perimeter-based security

               ●  An introduction to micro-segmentation and multi-factor authentication

               ●  The incorporation of contextual analysis into the IT resource access decision-making process



            Outlining a Plan of Action


            In response to the challenges that Zero Trust holds, Raytheon Intelligence & Space (RI&S) offers the
            expertise and flexible solutions to rapidly develop and implement a future-proof Zero Trust strategy that
            will best fit an organization. For example, its highly scalable and extensible Zero Trust security platform
            called REDPro ZTX (short for Raytheon Enterprise Data Protection with Zero Trust Extended) monitors
            users, devices, networks, workloads, and data in real-time. It enables plug-and-play of multi-vendor Zero
            Trust solutions; enforces least-privilege access; continuously verifies access requests; and facilitates
            real-time, multi-level cyber response.


            An  effective  and  comprehensive  Zero  Trust  solution  must  seamlessly  provide  multi-level  Zero  Trust
            monitoring  and  policy  enforcement  at  the  edge,  on  premise,  and  in  the  cloud.  RI&S’s  REDPro  ZTX
            solution even goes a step further by combining cross-platform Zero Trust security with cyber resiliency.
            Cyber  resiliency  adds  important  security  features,  such  as  independent  hardware  and  software
            attestation, self-healing, and deception.

            REDPro ZTX allows customers to interchangeably plug-and-play defense-grade Zero Trust and cyber
            resiliency  technologies  from  RI&S  and  industry  partners.  Having  modular  building  blocks  allows
            customers to decide which pillars of the Zero Trust model – users, devices, networks, workloads, and
            data – they would like to focus on first and how to achieve comprehensive Zero Trust coverage over time.
            RI&S’s modular and extensible REDPro ZTX platform was designed to speed up the deployment of Zero






                                                                                                              36