Zero trust: Reputation means nothing anymore

At Cisco, Will Ash helps U.S. government agencies manage cyber risk and secure their mission.

Will Ash, Sr. Director, U.S. Public Sector, Cisco

Cyberattackers exploit the trust we place in people and technology to breach critical systems and data. They target our trusted suppliers, partners and service providers. And the startling cyberattacks that keep happening teach an important lesson: Organizations simply cannot trust anything or anyone anymore — everything is a potential attack vector.

No wonder why zero-trust security keeps gaining traction among both government and industry enterprises. But what is zero trust?

Last year the National Institute of Standards and Technology (NIST) released a comprehensive Zero Trust Architecture special publication (NIST SP 800-207). It outlines seven core tenets, followed by a six-part view of a zero-trust network, plus details on components, deployment scenarios, use cases, and more. It’s an incredibly valuable report, but it can seem a bit overwhelming. So, let’s dial the complexity down a little.

At its core, zero trust means that trust is neither binary nor permanent. People and devices cannot “earn” trust, and a trustworthy reputation means nothing. It doesn’t associate “internal” with “trustworthy.” Zero trust validates and revalidates everything, at each access attempt. It monitors everything in real time to spot changes or behavior that appear risky, and it takes immediate action.

Let’s simplify it further with just pillars to describe zero trust:

• Zero trust for the workforce: Ensures that users and devices can be trusted at the moment they try to access systems, regardless of location. Authorization is brief and constantly reassessed.
• Zero trust for the workplace: Secures network access for all systems and devices and enforces least privilege to tightly control where they can go.
• Zero trust for workloads: Prevents unauthorized access within application environments no matter where they they’re hosted.

Understanding zero trust is one thing; adoption is quite another. So, take a breath, and take comfort in NIST SP 800-207, which says that zero trust is “a journey rather than a wholesale replacement of infrastructure or processes,” and encourages small steps to implement it over time. It’s certainly possible to build a zero-trust architecture from scratch. But at Cisco, we’re helping agencies migrate from legacy, perimeter-based architectures today.

But where do you start?

A zero-trust journey begins with a platform approach that balances security and usability at scale. It consistently enforces policy-based controls both on-premises and in multiple clouds; it provides real-time visibility into users, devices, components and applications. It identifies threats and automates response actions. Just use the three-pillar approach we already introduced: zero trust for the workforce, workloads and workplace.

Zero trust for the workforce

Authentication has always been critical to ensure that people and devices are who they say they are. Unfortunately, passwords are putting us at risk because they are stolen, cracked, guessed, weak and left unchanged for long periods of time, sometimes forever. Zero trust demands better.

Imagine if an organization could establish trust in users and devices through multifactor authentication and continuous monitoring of each access attempt. You’d be able to:

• Protect against all-too-common credential compromise.
• Enforce least privilege access policies for every application, individually.
• Block access from risky, compromised or non-compliant devices.

By starting with zero trust for the workforce, you’ll be able to make some of the most important incremental steps toward a zero-trust architecture. The enterprise will rely less on reputation, and more on strong authentication and continuous verification.

Zero trust for the workplace

Next, let’s consider your modern workplace. It’s everywhere and anywhere. Therefore, zero trust should allow authenticated users to reach authorized resources from any location or any device, according to your agency’s set policies. It shouldn’t matter where the applications are or where they’re hosted either.

The zero-trust workplace helps to:

• Secure network access by automatically identifying, classifying and authorizing everything on the network.
• Segment the network to enforce least privilege access and dynamically contain threats.
• Spot hidden threats in encrypted traffic without decrypting it.

Through zero trust for the workforce and workplace, you’ll have made critical improvements to dramatically reduce unnecessary risk. But let’s not forget about applications and data, which brings us to workloads.

Zero trust for workloads

Think of all the pieces that make modern government applications work: Clouds, virtualization, containers, microservices, APIs and more. How can you eradicate trust from the complex web of today’s application stacks?

Zero trust for workloads provides visibility into applications — no matter where they are —to see and control how they work. It enables application segmentation to minimize lateral movement, and monitors application performance to identify root causes. After all, some operational problems are caused by security problems — ransomware is a simple example. So, if you can visualize and control every component and dependency across any environment, you’ll restrict resource access to only those explicitly authorized at that moment in time.

Reputations mean nothing in a zero-trust architecture. People, applications and devices are everywhere, and nothing is “internal” anymore. Yet your mission relies on the confidentiality, integrity and availability of today’s modern government IT. It’s nearly impossible to do away with legacy, perimeter-based approaches. Zero trust is the way forward.

Learn more about how Cisco can help your organization implement a comprehensive zero-trust security model.