Page 233 - Cyber Defense eMagazine June 2024
A Zero Trust Approach
At Neya, we are taking a Zero Trust approach with autonomous vehicles to secure network
communications, monitor endpoints, implement identity and access management, and implement
cryptographic key management, to name a few examples.
Zero Trust is built upon the philosophy of “trust nothing, verify everything.” Historically, cybersecurity
protections have followed Defense-In-Depth, or Layered Security, approaches, which are based upon
physical security concepts of building a bastion. With these security models, you have a trusted internal
network and untrusted external network divided by a multi-layered perimeter. Threats are typically
identified when these protection layers are penetrated. Instead, Zero Trust assumes that threats may be
present both inside and outside the network perimeter.
Another way to look at this is that traditional security implementation models are system-centric, whereas
Zero Trust is data-centric. This is a key component of understanding the importance of Zero Trust, since
it is concerned with knowing: 1) what data you have; 2) where it is moving within and outside of your
network; and 3) who is accessing it.
The threat landscape is always evolving; therefore, the attack surface is much wider than it ever has
been. There is a constant escalation between threat actors and those defending against them. As security
breaches are detected and investigated, leading to improved defensive measures, offensive actors are
forced to develop novel techniques to circumvent enhanced protections. Additionally, IT and OT
environments have grown more complex in the last decade. Most environments are now hybrid
on-premises with cloud-based components, or multi-cloud. Add in the growing diversity of physical devices
such as mobile phones, tablets, wearables, and other IoT devices, and traditional security models are
aging out of relevancy for effectively protecting data and the end user. A point of vulnerability only
recently considered is autonomous systems, or in this case, autonomous vehicle systems.
With the growing complexity of environments and diversity of devices accessing networks in mind, Zero
Trust aims to defend against these many modern use cases. Above all, you need to protect sensitive
data. Zero Trust provides the framework to secure access to resources, regardless of the user or device’s
location with consistent and enforceable security policies. Implementing least-privilege access policies
and encryption mechanisms, followed by continuous verification of both user and device identities, allows
organizations to prevent unauthorized access to critical data assets. The goal is to reduce the attack
surface available to threat actors. One critical piece of Zero Trust is focused on continuous monitoring
and behavioral analysis to detect anomalies and suspicious activities in real-time.
Real-Time Threat Identification
To be effective, cyber autonomy must be able to intelligently identify risks and take action to mitigate
potential threats to autonomous vehicle missions. It must be completely self-contained, capable of
autonomously detecting, reporting, and defending against threats that can exploit or disrupt a mission.
By implementing a suite of behavioral analytics to baseline an expected, normal state-of-vehicle
operation, we can leverage anomaly-detection techniques that will function as the “intelligent” subsystem,
which then informs the decision-making capability of a cyber autonomous system.
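The baseline-then-detect loop described above, as an added example that is not Neya's code or part of the original article. The telemetry feature names, thresholds, action labels and the choice of a median/MAD robust z-score are all assumptions made for illustration; the article does not name a specific technique.

```python
from statistics import median

# Constructed telemetry from normal operation (hypothetical per-second features).
NORMAL = [
    {"bus_msgs": 480, "cmd_rate": 5, "tx_bytes": 1200},
    {"bus_msgs": 495, "cmd_rate": 6, "tx_bytes": 1150},
    {"bus_msgs": 502, "cmd_rate": 4, "tx_bytes": 1300},
    {"bus_msgs": 488, "cmd_rate": 5, "tx_bytes": 1250},
    {"bus_msgs": 510, "cmd_rate": 6, "tx_bytes": 1180},
    {"bus_msgs": 499, "cmd_rate": 5, "tx_bytes": 1220},
    {"bus_msgs": 491, "cmd_rate": 4, "tx_bytes": 1270},
    {"bus_msgs": 505, "cmd_rate": 5, "tx_bytes": 1210},
]

def fit_baseline(samples, min_spread=1.0):
    """Learn a per-feature (median, MAD) pair from normal state-of-vehicle data.

    min_spread (assumed value) floors the MAD so a near-constant feature
    does not turn every one-unit wobble into an alert.
    """
    baseline = {}
    for key in samples[0]:
        values = [s[key] for s in samples]
        med = median(values)
        mad = median([abs(v - med) for v in values])
        baseline[key] = (med, max(mad, min_spread))
    return baseline

def score(sample, baseline):
    """Robust z-score per feature; a feature that went silent scores infinity."""
    return {
        key: 0.6745 * abs(sample[key] - med) / mad if key in sample else float("inf")
        for key, (med, mad) in baseline.items()
    }

def decide(sample, baseline, report_at=3.5, mitigate_at=10.0):
    """Map the worst deviation to an action for the decision-making layer."""
    scores = score(sample, baseline)
    worst = max(scores, key=scores.get)
    if scores[worst] >= mitigate_at:
        return ("mitigate", worst)
    if scores[worst] >= report_at:
        return ("report", worst)
    return ("continue", None)

if __name__ == "__main__":
    base = fit_baseline(NORMAL)
    for s in ({"bus_msgs": 500, "cmd_rate": 5, "tx_bytes": 1230},
              {"bus_msgs": 540, "cmd_rate": 5, "tx_bytes": 1230},
              {"bus_msgs": 500, "cmd_rate": 40, "tx_bytes": 1230}):
        print(s, "->", decide(s, base))
```

Median and MAD are used instead of mean and standard deviation so that a few outliers captured during baselining do not widen the band of what counts as normal.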