During the Cyber Security Experts Panel at CDM Central last month, I joined government experts from the U.S. Small Business Administration and Department of Health and Human Services — along with fellow industry experts — to discuss what the future holds as technologies and work environments continue to shift. We also shared advice on how federal agencies can start to implement zero-trust models.
The expansion of remote work has dramatically changed the threat landscape — causing agencies to think beyond network-centric security. To secure remote infrastructures, many agencies have embraced zero trust.
A zero-trust architecture allows IT teams to provide users and devices with secure access to data, regardless of whether the user is on-site or remote, an employee or a third party.
Systems with zero trust rely on data that shows how the user is accessing the network. Ideally, this should be real-time data that gives IT teams timely and accurate information to make better risk-based decisions on who is granted access.
Additionally, aligning the security operations center and network operations center through a common platform improves visibility into agency cyber posture. In turn, IT teams can effectively break down data silos, allowing for near real-time investigation, detection and remediation of endpoints to deliver speed, visibility and control.
Right now, the most urgent focus in securing infrastructures is lateral movement detection and the blocking of unnecessary rights, so that agencies can proactively understand what rights are given to users and machines and then apply a least-privilege model.
The Continuous Diagnostics and Mitigation (CDM) Program, managed by the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency, is helping agencies expedite their process and secure systems with a zero-trust infrastructure. When implementing this infrastructure, agencies should:
- Understand the importance of data currency. Agencies are often working off stale data that can be days or even months old. Implementing a zero-trust platform allows for near real-time investigation, detection and remediation of endpoints, providing speed, visibility and control.
- Develop an integrated platform. Agencies need to integrate endpoint management and security, breaking down data silos and closing the accountability, visibility, and resiliency gaps between IT operations and security teams.
- Reduce complexity. CDM provides the building blocks for a zero-trust architecture, but that architecture cannot be achieved with disjointed solutions. Agencies need to reduce complexity and shrink risk to manage and secure the environment wherever the endpoint exists.