Zero Trust – ZT relies on mutual authentication, verifying the identity and integrity of devices whether they exist inside or outside the network, and providing access to applications and services based on the confidence of device identity and device health in combination with user authentication and authorization. This provides a secure foundation for trusted communications and interactions between devices. One of the foundational pillars of the Zero Trust security model is device security. The cybersecurity posture and the trustworthiness of the computational platform of a device is critical attribute of the Zero Trust architecture. Even in cloud-based implementations, the computation must occur at some hardware platform. Integrating the security of devices at the computing edge into a Zero Trust security model is critical to ensure that the application running on the hardware only gets limited and allowed access to the computational and other resources at the compute level.
As the world becomes increasingly interconnected, threat monitoring and detection methods have not been able to innovate to keep up with this change. Our current response to cyber threats is to add more sensors in the computer networks to monitor for anomalous activity in network data traffic to detect cyber threats. However, the amount of data organizations must capture and sort through to find that needle in the data haystack continues to increase. There are multiple challenges to this approach the ever increasing amount of data, the computational capacity to inspect this data in real-time and to detect anomalous activity. With the increasing complexity of the attacks and zero-days, the organizations continue to fall victim to the threat actors. There is a lot of optimism and promise associated with Artificial Intelligence – AI and Machine Learning – ML techniques to detect zero-day attacks, however, these approaches have limitations. Even the application of these techniques to look for the “known unknowns,” leaves many attacks undetected.
Read the full case by clicking the image below: