Traditional methods of cyber defense, like perimeter-based network security, have always emphasized the need to keep adversaries out of our networks, building a 'fortress' that would stop attackers while allowing secure access to legitimate users. In such a model, trust is typically binary: either the user is authenticated (trusted) or not. Once access is granted to a user, that level of trust is rarely re-evaluated, and when it is, it is usually as a result of an incident, when it is often too late.
Although modern client-side attacks have made it evident that the old perimeter security model based on 'moats' and 'castles' is clearly insufficient, this architecture is still the most commonly deployed today. With this in mind, back in 2011, Forrester published a report on a new model called 'Zero Trust', a data-centric approach that promotes a new way to think about cyber threats, one that assumes that the adversary is already on the network, that you have already been compromised.
While this model has been known for some time, it seems that Zero Trust has only gained major popularity recently. The increasing use of cloud and the adoption of BYOD (Bring Your Own Device) policies are contributing to the strong appeal that zero-trust architectures have for both commercial and government organizations. Furthermore, the release of the Draft Publication on Zero Trust by NIST in late 2019 guarantees that this will be one of the most discussed topics by the infosec community in 2020.
But is Zero Trust just a new marketing buzzword, a simple iteration over the well-known 'least privilege' mindset, or a truly innovative strategy? Is Zero Trust truly attainable? If so, how do you get started and what are some of the tools and technologies that are available to implement it?
To answer these questions, join SANS instructor Ismael Valenzuela, co-author of Security 530: Defensible Security Architecture and Engineering, as he chairs a one-day forum of vendors and security professionals that will share their experience and provide specific advice on how to implement Zero Trust strategies.
Relevant Security Operations Topics:
Earn four CPE hours for attending this virtual event.