In the recent MGM breach, attackers studied the social media profiles of support personnel and impersonated them to get privileged access credentials. Zero trust security should be ingrained in all tech stacks and identity management at scale. CISOs should assume that breaches have already happened and design networks to restrict the depth and blast radius of incursions.
Gartner has released a new Buzz Phase for Zero Trust Networking
Gartner’s Hype Cycle for Zero Trust Networking covers 19 important technologies to assist CISOs in navigating the issue of ransomware attacks, including microsegmentation, Kubernetes networking, safe access service edge, and security service edge. According to VentureBeat, eleven fundamental technologies, namely container security, enterprise browsers, Kubernetes networking, managed SASE, microsegmentation, OpenID Connect, remote browser isolation, SSE, unified endpoint security, and the zero trust approach, can provide the most value to CISOs.
Definition of zero-trust networking
According to Gartner, zero trust networking (ZTN) is the integration of zero trust ideas into network infrastructure, with access granted based on real-time identity and context validation. Enterprise-class ZTN infrastructure provides access to network resources for authenticated and authorized identities while adhering to the principle of least-privileged access. According to CISOs, organizations’ success in adopting Zero Trust Network Access (ZTNA) makes ZTN more effective in securing virtual teams, scaling up digital transformation initiatives, reducing attack surfaces, and protecting against privileged access.
People Also read – 5 ways CISOs can prepare for generative AI’s security challenges and opportunities
Ten noteworthy zero trust technologies
1. Security of containers
Early vulnerability and configuration detection is achieved by developer container security tools. These production technologies offer runtime protection against compromised images and exposed containers. Secure dynamic container environments with network segmentation and runtime behaviour monitoring.
2. Company browsers
Secure and managed browsers combine access to lower the possibility of dangerous websites or downloads. Increasingly, employees who are spread out are using secure websites. It is crucial to have granular policy control on downloads, extensions, and web content.
3. Kubernetes networking
Kubernetes networking satisfies the requirements of Kubernetes regarding scale, security, and visibility. Important characteristics include microsegmentation, multi-cluster connection, load balancing, and service discovery.
4. Supervised SASE
Managed SASE leverages the resources and experience of providers to speed up installations of integrated networking and security as a service. Reduced personnel risks, speedier SASE capability enablement, and integrated management are some of the main advantages. According to VentureBeat, SASE will continue to gain from quicker networking and security convergence.
5. Microsegmentation
Fundamental to the NIST SP800-207 zero trust standard, microsegmentation offers several advantages, such as limiting lateral movement following breaches by implementing identity-based access controls between workloads. Not only does it offer network zoning, but it also offers fine-grained controls over east-west traffic based on workload identification.
6. Connect with OpenID
An authentication mechanism called OpenID Connect enhances privacy, security, and user experience. Enabling single sign-on across devices, applications, and APIs is becoming increasingly popular.
7. Remote Browser Isolation (RBI)
RBI remotely executes web code to isolate browsers and prevent risks including phishing, drive-by downloads, and data exfiltration. This reduces the attack surface. To cover more use cases, leading suppliers are concentrating their innovation efforts on enhancing isolation methods and integrating with ZTNA and Secure Web Gateway (SWG).
Granular upload/download restrictions, as well as interfaces with Cloud Access Security Brokers (CASB), data loss prevention (DLP), and sandboxes, have been introduced to analyze risks reported during isolated browsing sessions.
8. Security Service Edge (SSE)
To protect online, SaaS, and private apps while guaranteeing consistent and scalable system-wide administration, SSE combines SWG, CASB, and ZTNA into a single cloud platform. Standardized policies, automated workflows, and data exchange between connected systems are made possible by tight integration. SSE’s unified design further enhances the remote user experience. SSE improves consistency and efficiency by simplifying management and coordinating security technology.
9. Unified Endpoint Security (UES)
Risk-aware security policies and automatic remediation are made possible by UES, which integrates endpoint management and protection. Through the integration of real-time telemetry threat data into operations processes, it facilitates risk-based patching prioritization and continuous validation of endpoint configurations for more efficient security posture management.
10. Strategy of zero trust
The foundation and operations of a zero trust programme are established by a zero trust strategy. It guarantees the least privileged access to all requests for identities and resources. It lessens the breach and incursion explosion radius. Strategies have to match risk tolerance and company goals. Zero trust tactics need to be customized to each company to be successful.
Conclusion
The MGM ransomware assault emphasizes the value of microsegmentation and identity-based security, with zero trust acting as a framework to limit breaches. Zero trust, however, cannot fend off attacks from generative AI, and its resilience is essential to its worth as a business choice.