What is zero trust?
Contrary to popular belief, zero trust is not a product or a service. It’s a strategic approach behind an architectural model that, put simply, focuses on:
- Encrypting all data at rest and in transit.
- Authenticating end user identity with multiple factors (MFA).
- Continuously authenticating every device and user attempting to access organizational data.
A true zero trust environment requires this focus across five different pillars:
- Identity
- Device
- Network
- Application workload
- Data
Why begin the zero trust journey?
- The advancement of cyber threats and the rate of attacks are accelerating. Small, medium, and Fortune 500 businesses, as well as state and local governments, healthcare, retail, finance, manufacturing, technology, agriculture—you name it, it’s vulnerable.
- Current controls, no matter how effective today, will soon be ineffective.
- Federal regulatory requirements: Executive Order 14028 requires agencies to create a zero trust implementation plan, and M-22-09 requires the implementation of the plan by the end of 2024.
- The shift away from the network perimeter has resulted in networks losing their edge. This new architectural design with no edge requires new solutions and strategies to protect from threat actors.
*edge (singular noun): If something has an edge, it has an advantage that makes it stronger or more likely to be successful than another thing.
Proper implementation of zero trust makes it significantly more difficult for threat actors to move around inside their targeted environments, reducing the risk of data acquisition and exfiltration or ransomware attacks.
Where are you now?
The Cybersecurity and Infrastructure Security Agency (CISA) Zero Trust Maturity Model can be used as a reference to understand where you are now and what the optimal state is. Every organization’s path to zero trust is different, and knowing where to begin requires cross-organizational groundwork to assess the current state, risks, priorities, and timelines.
| | Identity | Device | Network/Environment | Application Workload | Data |
|---|---|---|---|---|---|
| Traditional | | | | | |
| | Visibility and Analytics, Automation and Orchestration, Governance (across all pillars) | | | | |
| Advanced | | | | | |
| | Visibility and Analytics, Automation and Orchestration, Governance (across all pillars) | | | | |
| Optimal | | | | | |
| | Visibility and Analytics, Automation and Orchestration, Governance (across all pillars) | | | | |
How can CBTS help?
CBTS’ enterprise cloud architecture and security services combine to deliver solutions with security controls integrated into the design. Our battle-tested blueprints and processes ensure rapid, efficient, and effective zero trust deployment.