Connect with us

Hi, what are you looking for?

Tech & Science

Time has come for zero trust to be the business security norm

Continuous monitoring and automation provide an underpinning foundation to achieve all pillars associated with a ZTA implementation.

Technology of the future? — Image by © Tim Sandle
Technology of the future? — Image by © Tim Sandle

Following the U.S. National Security Agency’s Cybersecurity Information Sheet with guidance for organizations to adopt zero-trust framework principles, the threats facing businesses show no sign of abating.

Looking into the essential points for adopting such a framework for Digital Journal is Kevin Kirkwood, Deputy CISO at LogRhythm.

Kirkwood begins by unwrapping the new guidance, noting: “The National Security Agency has unveiled a proposed first stages of a maturity model and use case that outlines the journey that government agencies should be on to achieve a zero trust architecture (ZTA) in a cybersecurity information sheet (CSI)”

Zero Trust is an approach taken to cybersecurity that seeks to secure an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. One example is with multifactor authentication.

To put this into context, Kirkwood draws on: “The use case highlights the 2013 Target breach that was achieved through compromised credentials on an HVAC (heating, ventilation and air conditioning) system that allowed bad actors to move laterally and horizontally across networks and systems to exfiltrate customer information. This case serves as a foundation for describing what could be achieved through network controls that align with the ZTA.”

Vigilance is important for preventing these cybersecurity events from manifesting. Kirkwood recommends: “Continuous monitoring and automation provide an underpinning foundation to achieve all pillars associated with a ZTA implementation. Security Information and Event Management (SIEM) platforms emerge as indispensable resources for organizations transitioning towards continual threat monitoring, maintaining visibility, and enabling risk-based responses across all pillars of the ZTA with a particular emphasis on network and environmental factors.”

This requires planning and execution. Kirkwood recommends: “This ongoing process of evaluation and trust calibration empowers organizations to swiftly identify potential threats, fostering a more pre-emptive cybersecurity posture.”

There will be learning points for firms as they navigate the requirements. Here Kirkwood observes: “As organizations navigate the evolving landscape of cybersecurity threats, the adoption of ZTA presents a crucial step toward bolstering defences and safeguarding critical assets. This CSI goes a long way towards arming IT and Security leaders with the information and a path to follow to achieve the goal of protecting their organizations through ZTA.”

Once threats have been identified, actions are necessary. Kirkwood acknowledges this, pointing out: “It’s imperative for organizations to take decisive action by embracing Zero Trust principles and implementing robust security measures tailored to their specific needs. By doing so, organizations can fortify their resilience against emerging threats and uphold the integrity of their digital ecosystems.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Life

To stay hydrated it’s important to make sure your water levels are constantly being topped up throughout the day.

World

Stop pretending to know what you’re talking about. You’re wrong and you know you’re wrong. So does everyone else.

World

Jordan Bardella is the new kid on the rightist block - Copyright AFP PATRICK HERTZOGToni CERDAFrance’s far-right National Rally is banking on its youthful...

World

Sunny skies returned a day after torrential downpours paralysed Dubai and other parts of the United Arab Emirates - Copyright AFP Saeed KHANTalek HARRISDubai’s...