Virtual Keynote for ISMG Virtual Cybersecurity Summit: Zero Trust, April 21, 2020
When Perimeter Defenses Are Not Enough: How Multidimensional Protection Strategies Can Provide True Cyber Defense-in-Depth
The Advanced Persistent Threat (APT) is extremely dangerous to the national and economic security interests of the United States. We are totally dependent on computing systems of all types—including traditional Information Technology systems, Operational Technology systems, Internet of Things (IoT) systems, and Industrial IoT systems—to accomplish critical missions and business functions. The recent and rapid convergence of these types of systems has brought forth a new class of systems known as cyber-physical systems, many of which are in the critical infrastructure sectors including energy, transportation, defense, manufacturing, and information and communications.
To address this reality in the 21st century, the one-dimensional protection strategy focused solely on perimeter-based defenses must be transitioned to a new multidimensional, defense-in-depth protection strategy that includes three mutually supportive and reinforcing concepts: (1) penetration-resistant architectures; (2) damage-limiting operations; and (3) system designs that support cyber resiliency and survivability. This strategy, as described in the NIST SP 800-160 systems security engineering series, recognizes that despite the best protection measures implemented by organizations, the APT may find ways to breach those primary boundary defenses and deploy malicious code within organizational systems. When this situation occurs, organizations must have access to additional safeguards and countermeasures to confuse, deceive, mislead, and impede the adversary—that is, taking away the adversary’s tactical advantage and protecting and preserving the organization’s critical programs and high value assets.
A promising concept that can support a multidimensional protection strategy is Zero Trust Architectures. In accordance with NIST SP 800-207, zero trust is the term for an evolving set of cybersecurity paradigms that shift the focus of cyber defenses from static, network-based perimeters to establishing trust among users, assets, and resources. A zero trust architecture uses zero trust principles to plan enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location. Authentication and authorization (both user and device) are discrete functions performed before a session to an enterprise resource is established. Zero trust is a response to enterprise network trends that include remote users and cloud-based assets that are not located within an enterprise-owned network boundary. This shifts the focus to protecting resources, not network segments, since network location is no longer seen as the prime component of the resource’s security posture.
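The contrast between a perimeter-based access decision and a zero trust access decision, as described above, can be made concrete with a small policy-engine model. The following is an added example written for this page; it is not code from NIST, from SP 800-207, or from the keynote. The subnet, user names, device identifiers, resources and policy rules are constructed for illustration. It evaluates the same two requests under both models: one from malicious code that has already breached the boundary and runs on an internal address, and one from a legitimate remote user whose identity and device were verified before the session.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed corporate address range used by the perimeter model.
INTERNAL_NET = ip_network("10.0.0.0/8")


@dataclass(frozen=True)
class AccessRequest:
    """One attempted session to an enterprise resource (constructed fields)."""
    user: str
    user_authenticated: bool   # outcome of the per-session user identity check
    device_id: str
    device_attested: bool      # outcome of the per-session device posture check
    source_ip: str
    resource: str
    action: str


def perimeter_decision(req: AccessRequest) -> bool:
    """One-dimensional model: being inside the network boundary is trusted."""
    return ip_address(req.source_ip) in INTERNAL_NET


# Per-resource policy evaluated by the zero trust model. Network location
# is deliberately absent: only verified user, verified device and the
# resource's own rules take part in the decision. (Constructed policy.)
RESOURCE_POLICY = {
    "payroll-db": {
        "allowed_users": {"alice"},
        "actions": {"read"},
        "require_attested_device": True,
    },
    "wiki": {
        "allowed_users": {"alice", "bob"},
        "actions": {"read", "write"},
        "require_attested_device": False,
    },
}


def zero_trust_decision(req: AccessRequest) -> tuple[bool, str]:
    """Zero trust model: authenticate user and device, then authorize
    against the resource's policy, before any session is established.
    Returns (allowed, reason) so denials are explainable in logs."""
    rule = RESOURCE_POLICY.get(req.resource)
    if rule is None:
        return False, "no policy defined for resource (default deny)"
    if not req.user_authenticated:
        return False, "user not authenticated"
    if rule["require_attested_device"] and not req.device_attested:
        return False, "device posture not attested"
    if req.user not in rule["allowed_users"]:
        return False, "user not authorized for resource"
    if req.action not in rule["actions"]:
        return False, "action not permitted by policy"
    return True, "allowed"


# Scenario 1 (constructed): malicious code that got past the boundary and now
# runs on an internal host. No user or device verification has taken place.
BREACHED_HOST = AccessRequest(
    user="svc-unknown", user_authenticated=False,
    device_id="ws-0042", device_attested=False,
    source_ip="10.1.2.3", resource="payroll-db", action="read",
)

# Scenario 2 (constructed): a legitimate employee working remotely from a
# non-enterprise network, with user and device both verified for this session.
REMOTE_EMPLOYEE = AccessRequest(
    user="alice", user_authenticated=True,
    device_id="lt-0017", device_attested=True,
    source_ip="203.0.113.7", resource="payroll-db", action="read",
)


def compare_models(req: AccessRequest) -> dict:
    """Evaluate one request under both models for side-by-side comparison."""
    zt_allowed, zt_reason = zero_trust_decision(req)
    return {
        "perimeter_allows": perimeter_decision(req),
        "zero_trust_allows": zt_allowed,
        "zero_trust_reason": zt_reason,
    }


if __name__ == "__main__":
    for name, req in (("breached host", BREACHED_HOST),
                      ("remote employee", REMOTE_EMPLOYEE)):
        print(name, compare_models(req))
```

The perimeter model admits the breached host because its address is inside the boundary and refuses the remote employee because hers is not; the zero trust model reaches the opposite conclusion in both cases, because it never consults the address at all. Denying by default when no policy exists, and returning a reason with every denial, are the two design choices that make such a policy enforcement point both safe and auditable.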
Security and Privacy: risk management, systems security engineering, zero trust