Page 130 - Cyber Defense eMagazine April 2023
principles, “assume breach,” “least privilege,” and “constantly verify” a Zero Trust approach aims to shrink
the initial attack surface and empower organizations to operate through a “never trust, always verify” lens.
Zero Trust also takes a holistic view of users and centers around five core pillars: identity, devices,
networks, applications and workloads, and data. Traditionally, perimeter-based security has focused only
on the first three pillars: identity, devices, and networks. However, if a cyberattack or malware can pass
the first three pillars, the attack can then move freely across workloads or applications. Zero Trust
Segmentation (i.e., microsegmentation) is designed to stop the lateral movement of cyberattacks, quickly
minimizing the impact when an attack occurs.
In simple terms, think of microsegmentation like a hotel. Just because you're able to get into the lobby of
the hotel (bypassing firewall defenses) doesn't mean you're able to automatically access your room.
Because every room has a keycard, you can only access yours once you're checked in and once your
access (via personalized keycard) is granted. As an example of constant verification: if you are
meant to check out at 11am, leave your room, and try to get back in at 11:30am, your
access will be denied. You will have to go to the front desk and get re-authenticated.
Microsegmentation is the foundational component of the workload and application pillar of Zero Trust and
plays a critical role in establishing any resilient security strategy. In fact, you cannot have an effective or
complete Zero Trust security stack without a microsegmentation solution. Ensuring agencies
have an action plan in place and are taking small steps forward will ultimately better position them to
combat and withstand evolving threats.
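The two properties the hotel analogy describes, default deny between workloads with explicit per-room allow rules and verification that lapses and must be renewed, can be modelled in a few lines. The following is an added illustration written for this page, not code from the article or from any product it refers to; the labels (`web`, `app`, `db`), ports, and the `SegmentationPolicy` class are all constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed example of a workload-to-workload policy engine. Labels stand for
# application or workload groups; none of this mirrors a real product's API.


@dataclass(frozen=True)
class Rule:
    src: str            # source workload label
    dst: str            # destination workload label
    port: int           # destination port
    proto: str = "tcp"


@dataclass
class Grant:
    """Time-bound verification of a workload (the personalised keycard).
    Once it lapses, every request is denied until the subject re-authenticates."""
    subject: str
    verified_until: datetime


class SegmentationPolicy:
    def __init__(self, rules, grants):
        self._rules = set(rules)                    # explicit allow list only
        self._grants = {g.subject: g for g in grants}

    def evaluate(self, src, dst, port, now, proto="tcp"):
        """Return (allowed, reason). Default deny: a flow must match an allow
        rule AND the source must hold an unexpired verification."""
        grant = self._grants.get(src)
        if grant is None:
            return False, "no verification on record; authenticate first"
        if now >= grant.verified_until:
            return False, "verification expired; re-authenticate"
        if Rule(src, dst, port, proto) not in self._rules:
            return False, "no allow rule; default deny"
        return True, "allowed by explicit rule"


def demo():
    """Walk through the hotel scenarios: a permitted hop, a lateral hop with no
    rule, a hop after 'checkout', and a source nobody has verified."""
    t0 = datetime(2023, 4, 1, 10, 0)
    policy = SegmentationPolicy(
        rules=[Rule("web", "app", 8443), Rule("app", "db", 5432)],
        grants=[Grant("web", t0 + timedelta(hours=1)),
                Grant("app", t0 + timedelta(hours=1))],
    )
    return {
        "web->app:8443": policy.evaluate("web", "app", 8443, t0),
        # a compromised web tier trying to reach the database directly
        "web->db:5432": policy.evaluate("web", "db", 5432, t0),
        # same app->db flow, but 30 minutes after its verification lapsed
        "app->db:5432 after expiry": policy.evaluate(
            "app", "db", 5432, t0 + timedelta(hours=1, minutes=30)),
        "unknown->db:5432": policy.evaluate("unknown", "db", 5432, t0),
    }


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:28s} {'ALLOW' if allowed else 'DENY ':5s} {reason}")
```

The point of the `demo` cases is that a blocked flow is blocked for one of two independent reasons: the rule set never permitted that path (the lateral hop), or the path is permitted but the source's verification has lapsed (the 11:30am return). Real enforcement points log which reason applied, which is what makes the deny events useful to a SOC.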
Where to Start with Microsegmentation
While many agency IT leaders recognize that microsegmentation is crucial to keeping up with evolving
cyberattacks, it’s important to understand that resilience requires a coordinated effort, with
dedicated resources and new ways of thinking. To start implementing microsegmentation and “assume
breach” successfully, agencies can:
➢ Set Up a Zero Trust Task Force – Zero Trust implementation is often hindered by bandwidth and
competing priorities. Agencies can benefit from an internal task force to help guide the process.
The Air Force’s journey to Zero Trust implementation is a great example. This command is
currently leveraging outside cyber, engineering, and program management expertise to establish a Zero
Trust Task Force. This dedicated responsibility – and allocated budget – is moving the needle on
Zero Trust progress within the command.
➢ Begin with a Network Map – Agencies must start with real-time application and workload visibility
into their network. You cannot protect, or defend against, what you can’t see. This includes
maximizing visualization and establishing a real-time map of applications, workloads, and
interdependencies. This network discovery process provides agencies with the ability to find risky
ports and prioritize where to start.
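The network-map step above turns raw flow records into a workload dependency map, flags the risky ports, and yields a first cut of allow rules for owners to review. The script below is an added example for this page, not the article's or any vendor's tooling; the flow lines, the IP-to-workload inventory and the risky-port table are all constructed, and a real deployment would feed it from flow logs and a CMDB instead.

```python
from collections import Counter

# Constructed sample flow records (not real traffic): "src_ip dst_ip proto dst_port"
FLOWS = """\
10.0.1.10 10.0.2.20 tcp 8443
10.0.1.10 10.0.2.20 tcp 8443
10.0.2.20 10.0.3.30 tcp 5432
10.0.1.11 10.0.3.30 tcp 5432
10.0.1.10 10.0.3.30 tcp 445
10.0.1.11 10.0.2.21 tcp 3389
10.0.9.99 10.0.3.30 tcp 23
"""

# Hypothetical inventory mapping IPs to workload labels (discovery/CMDB output in practice).
INVENTORY = {
    "10.0.1.10": "web", "10.0.1.11": "web",
    "10.0.2.20": "app", "10.0.2.21": "app",
    "10.0.3.30": "db",
}

# Administrative / file-sharing ports commonly involved in lateral movement;
# flows to them between tiers go to the top of the review list.
RISKY_PORTS = {21: "ftp", 22: "ssh", 23: "telnet", 135: "msrpc", 139: "netbios",
               445: "smb", 3389: "rdp", 5985: "winrm", 5986: "winrm-tls"}


def parse_flows(text):
    """Parse the constructed flow format into (src_ip, dst_ip, proto, port) tuples."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        src, dst, proto, port = line.split()
        records.append((src, dst, proto.lower(), int(port)))
    return records


def build_dependency_map(records, inventory):
    """Aggregate flows into edges between workload labels:
    (src_label, dst_label, proto, port) -> flow count.
    IPs missing from the inventory are labelled 'unknown' so they stand out."""
    edges = Counter()
    for src, dst, proto, port in records:
        key = (inventory.get(src, "unknown"), inventory.get(dst, "unknown"), proto, port)
        edges[key] += 1
    return edges


def risky_edges(edges):
    """Edges touching a risky port, highest volume first: the prioritised work list."""
    found = [(cnt, s, d, proto, port, RISKY_PORTS[port])
             for (s, d, proto, port), cnt in edges.items() if port in RISKY_PORTS]
    return sorted(found, key=lambda r: (-r[0], r[1], r[2], r[4]))


def candidate_allowlist(edges):
    """Observed, non-risky, fully inventoried edges become candidate allow rules.
    They are a starting point for owner review, not an approved policy: an
    observed flow may itself be something the owners want to stop."""
    return sorted({(s, d, proto, port) for (s, d, proto, port) in edges
                   if port not in RISKY_PORTS and "unknown" not in (s, d)})


if __name__ == "__main__":
    edges = build_dependency_map(parse_flows(FLOWS), INVENTORY)
    print("Dependency map:")
    for (s, d, proto, port), cnt in sorted(edges.items()):
        print(f"  {s:8s} -> {d:8s} {proto}/{port:<5d} flows={cnt}")
    print("Risky edges to review first:")
    for cnt, s, d, proto, port, name in risky_edges(edges):
        print(f"  {s:8s} -> {d:8s} {proto}/{port} ({name}) flows={cnt}")
    print("Candidate allow rules:")
    for rule in candidate_allowlist(edges):
        print("  ", rule)
```

Two details are worth noticing when running it on the sample data: the `unknown` source on telnet surfaces immediately because it is not in the inventory at all, and the direct `web -> db` flow on 5432 lands in the candidate allow list even though an application owner may well decide the web tier should never reach the database except through the app tier. The map tells you what is happening; it does not tell you what should be allowed.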