Zero Trust

For the past few years I was puzzled by the concept of Zero Trust (ZT). I thought it was this big, nebulous thing that I just could not wrap my mind around. Every time I asked a vendor partner for a definition I received a different one, and each one just led me to having more questions. I finally sat down with a group of trusted practitioners and vendor partners and forced a meeting that lasted as long as it took for me to understand what is meant by ZT. Here is what I came up with. Hopefully, you will find it to be somewhat useful if you are just now starting your look into ZT for your organization, and if you are not – you should be.

ZT is not a single architecture but a set of guiding principles for workflow, system design and operations that can be used to improve security posture (NIST 800-207). ZT follows three core principles: assume breach, explicitly verify, and least privilege. Core parts of ZT are privileged access management, placing cybersecurity controls at the perimeter and on the endpoints, and building out your defense-in-depth architecture. ZT means having items such as the following in place:

  • MFA
  • Mobile Device Security
  • EDR/Advanced EDR
  • CASB
  • Email Security
  • Privileged Access Management
  • Clean Admin Workstations
  • Tools to protect or secure legacy infrastructure and apps
  • Going passwordless (this should be strongly considered)
  • NAC
  • DLP
  • IPS and AV at the Perimeter level and server host level
  • Network segmentation
  • Management of Special through their life-cycle
  • Removing admin rights from the users that don’t need them, and removing unnecessary services, ports, protocols or applications (principle of least privilege)
  • Just in Time (JIT) – providing elevated privileges only when required and then removing them

In reading through this list, most of you will find that you have already put most or all of these items in place, which means that you are well on your way through, or have pretty much completed, your ZT journey.
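One way to see how the three principles and the JIT item above fit together in practice: an added example (not from this post) of a small, hypothetical policy check that explicitly verifies MFA and device health before elevation, grants only a role the user is pre-approved for, and time-boxes the grant so it lapses on its own. `JitPolicyEngine`, `DeviceState` and the sample inventory are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
@dataclass
class DeviceState:
    managed: bool       # enrolled in device management
    edr_healthy: bool   # EDR agent present and reporting in

class JitPolicyEngine:
    MAX_GRANT_MINUTES = 60  # hard ceiling on any grant, whatever was requested
    def __init__(self, devices, eligible_roles):
        self.devices = devices                # device_id -> DeviceState
        self.eligible_roles = eligible_roles  # user -> roles they may request
        self.grants = {}                      # (user, role) -> expiry datetime
    def evaluate(self, user, device_id, mfa_verified, role, minutes, now):
        # Explicitly verify: identity (MFA) and device posture on every request.
        if not mfa_verified:
            return False, "mfa_required"
        dev = self.devices.get(device_id)
        if dev is None or not dev.managed:
            return False, "unmanaged_device"
        if not dev.edr_healthy:
            return False, "edr_unhealthy"
        # Least privilege: only roles pre-approved for this user, nothing broader.
        if role not in self.eligible_roles.get(user, set()):
            return False, "role_not_eligible"
        # JIT: the grant is time-boxed, and the policy ceiling beats the request.
        minutes = min(minutes, self.MAX_GRANT_MINUTES)
        self.grants[(user, role)] = now + timedelta(minutes=minutes)
        return True, "granted"
    def is_active(self, user, role, now):
        # Assume breach: elevation lapses on its own; nothing stays standing.
        expiry = self.grants.get((user, role))
        if expiry is None or now >= expiry:
            self.grants.pop((user, role), None)
            return False
        return True

def run_scenario():
    # Constructed sample inventory and requests for this example, not real data.
    devices = {"lt-001": DeviceState(True, True), "lt-002": DeviceState(True, False)}
    engine = JitPolicyEngine(devices, {"alice": {"server-admin"}})
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    return {
        "granted": engine.evaluate("alice", "lt-001", True, "server-admin", 480, t0),
        "sick_device": engine.evaluate("alice", "lt-002", True, "server-admin", 30, t0),
        "not_eligible": engine.evaluate("alice", "lt-001", True, "domain-admin", 30, t0),
        "active_at_30m": engine.is_active("alice", "server-admin", t0 + timedelta(minutes=30)),
        "active_at_90m": engine.is_active("alice", "server-admin", t0 + timedelta(minutes=90)),
    }
```

The 480-minute request is capped to the 60-minute ceiling, so the grant is live at 30 minutes and gone at 90 without anyone having to revoke it.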

Other items of possible interest:

  • Continuously communicate and start communications with regional and country counsel as early as possible.  Keep them informed of the ZT journey and how/why the environment is changing.
  • NIST 800-207 is a short read about ZT

About mclaukl

Professional Certifications - Certified CISO, CISM, CISSP, PMP, ITIL Master Certified, GIAC Security Leadership Certificate (GSLC), CRISC. Kevin also holds Certificates in the Advanced Principles of Information Security and in Advanced Information Security Research Methods from Jones International University. Kevin L. McLaughlin began his career as a Special Agent for the Department of Army. He was responsible for investigating felony crimes around the globe. He has had many careers over the years, including being a Police Officer in Kissimmee, Florida, an Investigator for Mastercard/Visa, a Middle School teacher, a Director at Kennedy Space Center (where he worked with Fred Hayes, James Lovell, Armstrong, Sheppard, etc.), the President of his own company, an IT Manager and Senior Information Security manager with the Procter & Gamble (P&G) company (Fortune 35), a CISO at the University of Cincinnati and a Senior Information System Security Manager for the Whirlpool Corporation (Fortune 125). Kevin has also been an adjunct since 1992. While at P&G Kevin created one of P&G’s augmentation outsourcing teams in India. Kevin designed and implemented this India team; it won a global Gold Service award from Atos-Origin and has acted as a model for countless corporate relationships since. Over the years Kevin has: created an Information Security program, conducted Information Security strategic planning, designed Information Security solutions, investigated over 700 cyber cases and operated a Global Security Operations Center. Education - MS in Computer Science Education, BS in Management of Information Systems, PhD in Cyber Security, University of Fairfax.