Defending an Increasingly Blurred Perimeter with ZTNA and SASE
Forcepoint hosted the Cyber Voices Zero Trust Summit today. It was a virtual conference similar to the SASE CyberSummit they held back in June. One of the sessions that stood out was “A CISO’s Perspective on Zero Trust”—a discussion between Myrna Soto, chief strategy and trust officer for Forcepoint, and Andy Vautier, chief information security officer for Accenture. It was an engaging and enlightening session that highlighted the increasing need for ZTNA (zero trust network access) and SASE (secure access service edge) to help secure and protect the “new normal”.
Let’s start with a brief overview of what ZTNA and SASE are.
Defining ZTNA
ZTNA stands for zero trust network access. It is a term used to describe zero trust—or more specifically the broader security architecture necessary to implement a zero trust security strategy. The basic premise is that no traffic or device or user is trusted by default. The concept assumes that all activity is malicious until or unless proven otherwise, and relies on a variety of contextual and real-time data to determine the relative risk of allowing access and either require additional levels of authentication or reject the access request.
Understanding SASE
SASE is an acronym for Secure Access Service Edge. It is a term that embraces the more fluid and dynamic definition of where the network edge is and how to protect it. As organizations have embraced mobile computing, cloud migration, and digital transformation, the idea of a network perimeter has eroded out of existence. The endpoint or user is now the “edge” of the network from a cybersecurity perspective, and SASE helps organizations protect their data more effectively.
Blurred Perimeter
Myrna set up the session by describing how the perimeter is continuously getting blurred even further. That was already true given the shift to mobile devices and cloud computing, but the COVID-19 pandemic forced many companies to adopt a 100% remote work-from-home model overnight, which completely obliterated the notion of a perimeter. Now, the home of every employee is the “perimeter”.
Andy noted that when the pandemic first hit and businesses responded by shutting down offices and telling employees to work from home, they were looking at it like an event—a temporary response like they would do for a hurricane or blizzard. Eight months later and faced with the third spike in COVID cases despite never having gotten the initial spikes under control, it is now apparent that this is the “new normal” and that businesses need to optimize the user experience and security models to adapt accordingly.
One of the biggest challenges is with visibility. Moving en masse to a work from home model means that employees are now using personal computers connected to personal Wi-Fi networks to access company resources and data across the public internet. IT teams had a hard enough time maintaining visibility within their own network, but the new scenario is utter chaos for many companies. Andy stressed the need for ubiquitous coverage and closing gaps in visibility and said that is a challenge that Accenture has been extensively working on.
They also talked about the dramatic expansion of the attack surface created by the current situation. Suddenly there is a much greater variety of devices and networks to monitor and protect—and exponentially more opportunities for attackers. This in turn requires security teams to take steps to reduce the possibility of lateral movement if an attacker gets inside the network. Andy noted that organizations should assume the perimeter is porous and expect that someone will get in—or has already gotten in—and do everything possible to constrain the ability to move laterally or inflict damage.
Data is the New Oil
Data is the new “oil” for businesses today. Myrna referenced perspective Chase Cunningham, VP and principal analyst with Forrester, has previously shared that companies that do not embrace some form of user monitoring will be out of business in the next 20 years as their intellectual property is compromised and exfiltrated – aka walks right out the door. She noted Forcepoint has seen a spike of more than 600x in spear phishing attacks since the beginning of the COVID-19 pandemic as attackers strive to take advantage of the chaos and expanded attack surface to get that data.
According to Andy, it takes the right combination of technology, artificial intelligence, and machine learning to be able to tune deployed technologies to effectively defend against a volatile threat landscape. He also commended Forcepoint for their efforts and what they have achieved thus far in terms of creating an end-to-end security ecosystem that enables customers to address issues in minutes rather than days or weeks.
In the end, though, it is not all about technology. Andy also cautioned that organizations should look at zero trust and SASE as overarching concepts that are not limited to technology. They should also consider the processes and behaviors behind the technologies, and think through what security should look like as the edge and perimeter continue to move outward and get more diffused.
The lessons and insights shared in this session were invaluable. Ultimately, we are all working to increase the trust in the use of technologies and capabilities, and our trust in each other. We need to employ tools like ZTNA and SASE to allow us to embrace the technological innovations that are coming to benefit society on a broader scale.
*** This is a Security Bloggers Network syndicated blog from Security – TechSpective authored by Tony Bradley. Read the original post at: https://techspective.net/2020/10/27/defending-an-increasingly-blurred-perimeter-with-ztna-and-sase/?utm_source=rss&utm_medium=rss&utm_campaign=defending-an-increasingly-blurred-perimeter-with-ztna-and-sase
