Page 34 - Cyber Defense eMagazine August 2023
P. 34
Adhering to the guiding principles of a zero trust architecture requires a multifaceted approach.
First, verification using multi-factor authentication everywhere provides a normalized SSO token for the
representation of the authenticated user. Using least privileged access will allow agencies to
incrementally grant access on an as-needed basis.
Next, in order to minimize the blast radius of a breach through segmented data access, the ideal support
platform will be given access to the appropriate zone key to decrypt the underlying data. This combined
with complete auditing through long-term retention of data and robust machine learning, will provide a
powerful tool for threat hunting, investigation, and remediation.
Lastly, governance, compliance, and data cataloging – allows teams to better understand and protect
your data efficiently. These approaches provide a high transparency level to each task that allows
decision-makers and those tackling key missions to see specifically what is going on throughout the
process. When followed effectively, teams are able to smoothly move along the zero trust journey to
optimal.
Achieving the required deadline demands respecting the role of data in the zero trust journey,
understanding how agencies can best protect their data, and how proper governance supports the trek
to optimal maturity. As a constant and evolving mission, the nation is working to protect our country from
cyber adversaries and secure its intelligence, including DOD missions.
This comes with the help of platforms that are prepared to fulfill a balance of security from bad actors and
access to the right members of the DOD, all while maintaining zero trust and abiding by the CISA
guidelines. A platform that operates independently from compute and storage layers will offer integrated
security and governance based on metadata, while a simplified data delivery and access model will
reduce risks and costs while enabling faster deployment. Implementing an effective zero trust approach
and reaching the optimal maturity level will better secure the nation’s cyber and technological landscape,
and understanding the role of data and governance within the process can lead to greater mission
success.
About the Author
Carolyn Duby is the current Field CTO and Cybersecurity Lead at Cloudera
Government Solutions. With nearly three decades of experience, Carolyn
spearheads the digital transformation efforts for Cloudera’s customers and
delivers high-performance, data-intensive applications in a variety of
industries. She can be reached online at our company website
https://www.cloudera.com/solutions/public-sector.html
Cyber Defense eMagazine – August 2023 Edition 34
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.