Page 85 - Cyber Defense eMagazine January 2023
P. 85

Trends Driving the Move to ZTA

            The following factors are key in driving the trend for Zero Trust Architecture (ZTA):

            1. Cyber attackers have become increasingly more adept at penetrating networks then moving laterally
            once inside

            2. The traditional perimeter security model is becoming ineffective in evolving enterprise

            3. More and more businesses, clients and customers, are using the cloud and personal devices to access
            internal networks, which blurs the boundaries between insiders and outsiders. Nowadays, the user is the
            perimeter.



            How Does Zero Trust Architecture Work?

            Zero Trust Architecture (ZTA) assumes there’s no network edge - and that networks can be local, cloud-
            based or a combination of both. It therefore requires a  robust set of controls. ZTA delivers granular
            perimeters and micro-segmentation that limits attackers from moving around internal networks - and in
            doing so, reduces the ‘blast radius’ of an attack and myriad potential threat vectors.
            When a day doesn’t seem to go by without another news story of a high-profile cyberattack, ZTA is
            looking increasingly like a company’s first line of defence. (Just last month, Cisco reported they’d had
            their corporate network breached via an employee’s VPN - which, thanks to their security team, was
            contained in time.)



            ZTA also enhances an organization’s security by leveraging additional data to drive security decision
            making around risks, threats, security posture and identity attributes.



            What Changes with ZTA that Affects Information Security Management?

            Traditional Infosec Management approaches are network-focused and include ISO 27001/27002; CIS
            Top 20 Critical Security Controls, and O-ISM5 The Open Group.

            Meanwhile, ZTA is asset and data-centric, and has a greater focus on Authentication, with more security
            controls aimed at authentication, devices, apps, APIs, micro-segmentation - and the data itself (applying
            encryption, for example).

            With  ZTA  in  place,  there  is  also  less  need  for bolt-on  security  systems,  traditionally  used  to  secure
            networks, while categories of security solutions - such as Network Access Control and IDS/IPS - must be
            either re-engineered to fit the new model or dropped altogether. There are also fewer point solution boxes
            to manage.







            Cyber Defense eMagazine – January 2023 Edition                                                                                                                                                                                                       85
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   80   81   82   83   84   85   86   87   88   89   90