Zero trust strategy insights

Never trust, always verify with a zero trust security model

In this era of evolving business models, shifting workforce dynamics, cloud adoption, and increased device and connectivity complexity, many organizations are prioritizing the adoption of the zero trust security model. A zero trust strategy for cybersecurity provides the opportunity to create a more robust and resilient security posture, simplify security management, improve end-user experience, and enable modern IT practices.

Deloitte’s Zero Trust framework

A Zero Trust model is built upon strong foundational capabilities across five fundamental pillars: users, workloads, data, networks, and devices. Data protection is the goal and is represented centrally in our framework. Organizations should have an understanding of what data exists, the classification and criticality of that data, who and what should be able to access that data, the mechanisms by which that data should be accessed, and the appropriate security controls to protect it – both at rest and in transit.

What is the zero trust security model?

A zero trust strategy brings with it a set of design principles that guide security architecture development and build on existing security investments and processes. To enforce access control, companies must have situational awareness of their data and assets; companies that lag on basic cyber hygiene principles and practices may be challenged to realize the full benefits of zero trust. Fundamentals include:

  • Data discovery and classification. Data governance, inventory, classification, and tagging are critical. To create the appropriate trust zones and access controls, organizations need to understand their data, the criticality of that data, where it resides, how it is classified and tagged, and the people and applications that should have access to it.
  • Asset discovery and attack-surface management. Many organizations lack a real-time, updated inventory of all IT resources—including cloud resources, IP addresses, subdomains, application mapping, code repositories, social media accounts, and other external or internet-facing assets—and therefore can’t identify security issues across the complete attack surface. To facilitate risk-based policy decisions surrounding their assets, it’s critical for organizations to understand the enterprise IT environment.
  • Configuration and patch management. Without the ability to efficiently manage and document baseline configurations of key technology systems, deploy appropriate patches, test patched systems, and document new configurations, companies cannot easily identify changes and control risks to these systems. Malicious actors can exploit any vulnerabilities to gain a foothold within an organization.
  • Identity and access management. To ensure that access to technology resources is granted to the proper people, devices, and other assets, enterprises need to standardize and automate their identity life cycle management processes. They can extend their operations beyond traditional boundaries while protecting critical resources and maintaining an efficient user experience by moving the identity stack to the cloud, consuming identity-as-a-service, or implementing such advanced authentication methods as physical biometrics, behavioral monitoring, and conditional access.
  • Third-party risk management. To fully understand their entire risk surface, organizations need greater visibility into cyber risks related to their supply chains and ecosystem partners, including suppliers to third-party vendors.
  • Logging and monitoring. To identify potentially malicious incidents and issues, security teams need automated logging and monitoring systems with advanced AI and machine learning capabilities to help simplify the process of tracking, analyzing, and correlating data from volumes of detailed logs as well as alerts generated by internal and external systems, security controls, networks, and processes.

Benefits of the zero trust security model

A zero trust architecture may overcome common challenges of traditional cybersecurity approaches by leveraging new capabilities and opportunities to close gaps and become more agile and efficient. Potential benefits of zero trust include:

  • Ubiquitous security. When users, devices, resources, and their related data are identified and isolated, intrusions that may occur can similarly be isolated to prevent lateral movement and limit the potential blast radius. Such an environment requires a high degree of automation and orchestration, resulting in a more secure, resilient, and integrated environment. This compares with a traditional, perimeter-centric approach to security where layered but siloed defenses can be pierced to expose the internal environment and potentially put the entire organization at catastrophic risk.
  • Evasive target. The fully integrated, dynamic approach under zero trust can protect the organization regardless of where connections originate. This makes the organization more difficult to target than one whose infrastructure is easily identified by adversaries.
  • Increased visibility. Analytics such as anomaly detection, machine learning, AI, and real-time data inventory and cataloging can enable organizations to gain broader, real-time visibility into their threat landscape. This deployment of active defense technologies can overcome the limited visibility that is more common, where organizations may identify threats only as they hit the perimeter.
  • Predictive. Organizations can anticipate adversary movements and initiate pre-emptive action more proactively than with traditional defenses, which are more reactive in nature.
