On May 12, The White House published its Executive Order (EO) on Improving the Nation’s Cybersecurity. The directive outlined a set of focus areas intended to improve cybersecurity for the federal government and critical infrastructure sectors including information sharing, supply chain security, endpoint detection and response, and cloud security.

Of particular emphasis was the need for broad implementation of Zero Trust Architecture (ZTA), a set of design principles intended to continuously revalidate the authenticity and authorization of persons, devices, and services, assuming a “deny-by-default” approach to security given the deterioration of any defensible perimeter in enterprise networks. It explained, “The Federal Government must … advance toward Zero Trust Architecture.” It went on to note how Federal Civilian Executive Branch (FCEB) agencies must “develop a plan to implement Zero Trust Architecture, which shall incorporate, as appropriate, the migration steps that the National Institute of Standards and Technology (NIST) within the Department of Commerce has outlined in standards and guidance.”

That last part refers specifically to NIST’s Special Publication (SP) 800-207, a document which identified seven basic tenets of zero trust. One of those principles stood out to us here at Tripwire. It reads as follows: “The enterprise monitors and measures the integrity and security posture of all owned and associated assets.”

This makes perfect sense, as Zero Trust is fundamentally about the continuous revalidation of trustworthiness of the connecting entity in an enterprise environment. Fundamentally, trustworthiness is based on integrity, and integrity is only possible through continuous efforts to maintain it. For any connecting entity, integrity is maintained through faithful monitoring to ensure desired and secure state.

Integrity of systems is a central part of what Tripwire works to ensure on a daily basis. It uses File Integrity Monitoring (FIM) to determine when files change, how (Read more...)