Sign in to my dashboard Create an account
Menu

Zero Trust and cybersecurity mesh: Setting the standard for data security and cyber resilience

Sun behind the gate
Contents

Share this page

Jason Blosil Author Photo
Jason Blosil
426 views

Remote work is here to stay. With more and more workers operating outside the walls of their organization’s secure perimeter, the gateway to cyberattacks is open and the floodwaters are raging. In the past 2 years, cyberattacks have been on the rise (50% more cyberattack attempts per week), and they’re expected to continue rising throughout the near future.

It’s a matter of trust

Preventing cyberattacks and unauthorized access to company information is a matter of trust. Traditional cybersecurity solutions set up a perimeter around whatever the organization wants to protect. Users within the perimeter are typically granted some level of automatic trust, and verifications are very few. But once a user is outside the corporate network and using personal devices and public internet connections to access company data, security gaps are exposed, giving cybercriminals the perfect opportunity to attack.

To make remote access more secure, organizations set up VPNs. But a VPN alone is not an effective solution against cyberattacks. In fact, last year’s ransomware hack into the Colonial Pipeline that shut down systems supplying nearly half of all fuel to the eastern United States was carried out by hacking into the company’s VPN.

As cybercriminals get smarter and more innovative with their attacks, a security solution based on perimeter defense alone can easily be compromised by today’s sophisticated attackers.

Trading trust for confidence

To improve cyber resilience, organizations are setting up a cybersecurity mesh with Zero Trust security as the core principle. A cybersecurity mesh takes security outside the fortress walls and builds layered security around individual devices for added defense. Gartner predicts that by 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of security incidents by an average of 90%.

A Zero Trust security framework added to a cybersecurity mesh takes data security to the next level. Originally created by John Kindervag at Forrester Research, Zero Trust takes an inside-out approach to designing network security. But Kindervag emphasizes that it’s not a matter of trusted versus untrusted. It’s about constantly assessing confidence that users are who they say they are and that your security processes and protocols are acting as expected.

With Zero Trust, all traffic within a corporate environment is assumed to be hostile until proven otherwise. Every request to access a system must be verified and validated, regardless of the requester’s IP address, purported identity, or type (human, device, service, etc.). If access privileges are granted, they must be the absolute minimum required to carry out the request. To maintain security, all traffic must be monitored continuously at the data packet level to quickly detect and block anomalous content and behavior.

Kindervag offers these four design principles for creating a successful Zero Trust framework:

  1. It must always be aligned with the business and its desired business outcomes.
  2. It must be designed from the inside out, with the first question being, “What are you trying to protect?”
  3. It must control access and grant privileges on a granular, need-to-know basis.
  4. It must inspect traffic at the application level and enforce controls based on data packet contents.

Are you ready? Five steps for deploying a Zero Trust architecture

When you’re ready to get started, Kindervag offers these guidelines for deploying a Zero Trust architecture:

  1. Understand what you’re protecting. Identify the DAAS (data, apps, assets, services) elements to be protected and then put each element, one at a time, into a single protect surface with its own microperimeter controls and filters.
  2. Understand how the system works. Map transaction flows in order to build a baseline of normative interaction among users, resources, applications, services, and workloads.
  3. Build an environment-agnostic Zero Trust architecture. This should work across private and public clouds, on-premises data centers, SD-WANs, endpoints, SaaS applications, and so on. Each protect surface defined during step 1 requires its own unique Zero Trust architecture.
  4. Create policy. At this point, you’re ready to define the policies that determine who can access which protect surfaces, when (and for how long), where, why, and how. The policy engine becomes an integral part of the Zero Trust architecture.
  5. Monitor and maintain. Using correlated logs, machine learning, AI, and other advanced data analytics methods, turn telemetrics into real-time insights in to system and data security. During this step, it’s important to integrate threat intelligence, SIEM, and intrusion protection systems into your Zero Trust technology stack.

Preventing cyberattacks isn’t easy. However, by designing your data security from the inside out, you can build a stronger defense and increase your cyber resilience. For more information visit our cyber resilience solutions page and stay tuned for my next blog, in which I’ll talk about how to design an effective cyber resilience strategy.

Jason Blosil

Jason is a business and marketing professional with over 20 years of product marketing, product management, and corporate finance experience. Since joining NetApp in 2008 he has been focused on SAN and NAS storage, backup and disaster recovery solutions, and cloud data services. When not in the office, you can find him cycling, cooking, enjoying time with family, and volunteering at his church and in the community.

View all Posts by Jason Blosil

Next Steps

Drift chat loading