Five ways to implement zero-trust based on NSA’s latest guidance – SC Media

Organizations across all industries experienced a surge of ransomware attacks last year as cybercriminals extracted $1.1 billion in payments from victims. To thwart these bad actors and improve network security, the National Security Agency (NSA) released a new cybersecurity information sheet: Advancing Zero-Trust Maturity Throughout the Network and Environment Pillar.

As the creator of zero-trust, Im pleased to see the NSAs document emphasizes a paramount, yet frequently overlooked element of zero-trust security: segmentation.

I have long advocated that segmentation stands as the fundamental essence of zero-trust. However, in recent years, there has been a noticeable tilt toward the Identity pillar of zero-trust, leaving network security controls vulnerable both on-premises and in the cloud.

As the attack surface expands and the digital landscape grows increasingly interconnected, segmentation of on-premise networks, cloud, multi-cloud, and hybrid environments becomes imperative for organizations to fortify resilience and establish enduring zero-trust architectures.

The NSA also recognizes the importance of "data flow mapping." Flow mapping has been a focal point of my zero-trust advocacy since its early days. Understanding system interconnections is essential for successfully architecting zero-trust environments.

NSAs document also underscores the significance of network security technologies in establishing a zero-trust environment. Organizations, whether on-premise or in various cloud environments have largely overlooked the importance of network security controls. I think of network security as the cornerstone of zero-trust, particularly in combating ransomware attacks that jeopardize essential services and disrupt everyday life.

The NSA has reaffirmed this pivotal role of network security, finally granting zero-trust segmentation (ZTS) the recognition it deserves. This guidance should help organizations comprehend the importance of the Network pillar within zero-trust and encourage them to pursue network security technologies as they progress toward implementing a zero-trust architecture.

As global connectivity grows, the attack surface expands. Thats why its imperative for organizations to delineate, map, and fortify their most critical Protect Surfaces within their zero-trust environments.

I hope the NSAs recommendations convince more organizations to implement zero-trust as they cope with the ever-changing cybersecurity landscape. These zero-trust principles have become mainstream across various industries and organizations of different sizes. As cyber threats evolve, more companies will recognize the need to implement a zero-trust approach to protect their digital assets.

Here are my recommendations for how to implement zero-trust effectively:

I commend the NSA for issuing its latest guidance because its a significant endorsement of the effectiveness and significance of ZTS, offering invaluable guidance for organizations seeking to fortify their cyber resilience amid the ever-changing threat landscape. Its impossible to prevent all cyberattacks, but implementing a zero-trust model will significantly reduce the potential damage and strengthen any organizations security posture.

John Kindervag, chief evangelist, Illumio

See original here:
Five ways to implement zero-trust based on NSA's latest guidance - SC Media

NSA fears quantum computing surprise: 'If this black swan event happens, then we're really screwed' - Washington Times - March 27th, 2024 [March 27th, 2024]
The NSA Warns That US Adversaries Free to Mine Private Data May Have an AI Edge - WIRED - March 27th, 2024 [March 27th, 2024]
Intel analyst shared classified information on Discord, investigators say - The Washington Post - March 27th, 2024 [March 27th, 2024]
Water Systems Vulnerable To Cyber Attacks, NSA And EPA Warn Governors - Forbes - March 27th, 2024 [March 27th, 2024]
Amritpal Singhs mother, kin of other NSA detainees go on hunger strike, want them to be shifted to Punjab jail - The Tribune India - February 24th, 2024 [February 24th, 2024]
Rob Joyce leaving NSA at the end of March - CyberScoop - February 24th, 2024 [February 24th, 2024]
NSA cyber director to step down after 34 years of service - Nextgov/FCW - February 24th, 2024 [February 24th, 2024]
Behind Khattar govts U-turn on NSA against farm leaders, fear of rural blowback, Congress gain - The Indian Express - February 24th, 2024 [February 24th, 2024]
Payday dispute prompts maintenance worker walkout at NSA Naples - Stars and Stripes - February 24th, 2024 [February 24th, 2024]
CISA, NSA, and FBI Warn of Chinese Cyber Hacking Army The Presidential Prayer Team - The Presidential Prayer Team - February 24th, 2024 [February 24th, 2024]
Cyber Security Headlines: Microsoft takes another hit, Energy giant hit by ransomware, the NSA is secretly buying your ... - CISO Series - January 30th, 2024 [January 30th, 2024]
India now cooperating with Nijjar probe: Canada's NSA - IndiaTimes - January 30th, 2024 [January 30th, 2024]
Google, WhiteSnake, Outlook, NSA, Juniper, Jason Wood, and More SWN #358 - SC Media - January 30th, 2024 [January 30th, 2024]
Readout of NSA Jake Sullivan's Meetings with PM Srettha and DPM/FM Parnpree - US Embassy in Thailand - USEmbassy.gov - January 30th, 2024 [January 30th, 2024]
NSA Admits Secretly Buying Your Internet Browsing Data without Warrants - The Hacker News - January 30th, 2024 [January 30th, 2024]
Readout of NSA Jake Sullivan's Meeting with CCP Politburo Member, Director of the Office of the Foreign Affairs ... - US Embassy & Consulates in... - January 30th, 2024 [January 30th, 2024]
Former NSA Saint has a chance to become repeat Super Bowl champion - The Suffolk News-Herald - Suffolk News-Herald - January 30th, 2024 [January 30th, 2024]
NSA is buying Americans internet browsing records without a warrant - TechCrunch - January 30th, 2024 [January 30th, 2024]
As NSA buys up Americans' browser records, Uncle Sam is asked to simply knock it off - The Register - January 30th, 2024 [January 30th, 2024]
NSA buys sensitive data on Americans without any court order - KJZZ - January 30th, 2024 [January 30th, 2024]
NSA Veteran Teresa Shea Joins Board of Directors of Two Six Technologies - ExecutiveBiz - January 30th, 2024 [January 30th, 2024]
How the FBI, NSA are preparing for deepfakes and misinformation issue ahead of 2024 elections - CNBC - January 14th, 2024 [January 14th, 2024]
AI is helping US spies catch stealthy Chinese hacking ops, NSA official says - CyberScoop - January 14th, 2024 [January 14th, 2024]
AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director - TechCrunch - January 14th, 2024 [January 14th, 2024]
NSA Director Paul Nakasone to Step Down in Early February - Bloomberg - January 14th, 2024 [January 14th, 2024]
NSA says cybersecurity will gain many benefits with generative AI - ReadWrite - January 14th, 2024 [January 14th, 2024]
FBI and NSA directors discuss their concerns about AI - WCBE 90.5 FM - January 14th, 2024 [January 14th, 2024]
Looking back at 2023 with the NSA's Rob Joyce and Morgan Adamski - CyberScoop - January 14th, 2024 [January 14th, 2024]
NSA: Benefits of generative AI in cyber security will outweigh the bad - ITPro - January 14th, 2024 [January 14th, 2024]
AI Identified as Emerging Threat in Cyber Crime by NSA Director - CoinGape - January 14th, 2024 [January 14th, 2024]
AI is helping China-backed hackers but it's also helping to hunt them down, NSA says - TechRadar - January 14th, 2024 [January 14th, 2024]
Top 10 misconfigurations: An NSA checklist for CISOs - The Stack - October 20th, 2023 [October 20th, 2023]
CISA and NSA Issues New Identity and Access Management Guidance for Vendors - TechRepublic - October 20th, 2023 [October 20th, 2023]
How to Protect Against Evolving Phishing Attacks - National Security Agency - October 20th, 2023 [October 20th, 2023]
NSA Shares Recommendations to Advance Device Security Within ... - National Security Agency - October 20th, 2023 [October 20th, 2023]
Nansemond-Suffolk tennis falls to Norfolk Academy Thursday - The ... - Suffolk News-Herald - October 20th, 2023 [October 20th, 2023]
NSA calls for a 'root and branch' review of Red Tractor - Farmers Guardian - October 20th, 2023 [October 20th, 2023]
Israel's NSA warns of US intervention as Gaza conflict escalates - IndiaTimes - October 20th, 2023 [October 20th, 2023]
The U.S. government is still in its Tumblr era. - Slate - October 20th, 2023 [October 20th, 2023]
Biden's Cyber Command and NSA nominee seen as a pick for continuity - The Record from Recorded Future News - July 17th, 2023 [July 17th, 2023]
5 Reasons to Work for the NSA - ClearanceJobs - ClearanceJobs - July 17th, 2023 [July 17th, 2023]
I will do my best as NSA: Ribadu promises - FRCN HQ - Federal Radio Corporation of Nigeria - July 17th, 2023 [July 17th, 2023]
Plateau killings: Reps ask NSA to declare national emergency - TheCable - July 17th, 2023 [July 17th, 2023]
7th Deputy NSA Meeting of Colombo Security Conclave held in ... - ANI News - July 17th, 2023 [July 17th, 2023]
Young shepherd from region wins NSA North Sheep trophy ... - Darlington and Stockton Times - July 17th, 2023 [July 17th, 2023]
HBO film based on NSA leaker Reality Winner slated for May 29 ... - Military Times - May 18th, 2023 [May 18th, 2023]
Tina Satter on why her NSA whistleblower film Reality is stranger than fiction - Financial Times - May 18th, 2023 [May 18th, 2023]
Gen. Paul Nakasone Plans to Step Down as NSA Director ... - Executive Gov - May 18th, 2023 [May 18th, 2023]
Readout of NSA Jake Sullivan's Meeting with CCP Politburo ... - US Embassy & Consulates in China - May 18th, 2023 [May 18th, 2023]
Young sheep farmers to be given genetic boost by new NSA giveaway - The Scottish Farmer - May 18th, 2023 [May 18th, 2023]
Sydney Sweeney wanted to be challenged by Reality: Its a different muscle playing someone who is real [Exclusive Video Interview] - Yahoo... - May 18th, 2023 [May 18th, 2023]
Intercepted: The Biggest Whodunnit of the Century - The Intercept - May 18th, 2023 [May 18th, 2023]
Personal injury + the No Surprises Act - Chiropractic Economics - May 18th, 2023 [May 18th, 2023]
PM Narendra Modi e-inaugurating new office complexes of CBI at Shilong, Pune and Nagpur, commemorating the CBI diamond jubilee on Monday. Also seen... - April 4th, 2023 [April 4th, 2023]
Special Collection Service - Wikipedia - March 31st, 2023 [March 31st, 2023]
What is the NSA and how does it work? - SearchSecurity - February 5th, 2023 [February 5th, 2023]
Watch: NSA Ajit Doval is Ambitious, Very Good at Sniffing Power and Being on the Right Side of itAS Dulat - The Wire - December 21st, 2022 [December 21st, 2022]
Shockwaves win another championship, this time at the NSA Fresno Pilgrimfest - Lompoc Record - December 12th, 2022 [December 12th, 2022]
EFCC secures forfeiture of N755m, luxury assets from ex-AGF, former aide to NSA The Nation Newspaper - The Nation Newspaper - November 23rd, 2022 [November 23rd, 2022]
What is the National Security Agency? - Norwich University - October 25th, 2022 [October 25th, 2022]
Cyber Security Today, Oct. 19, 2022 A warning from the NSA about nation-state attacks, and more - IT World Canada - October 21st, 2022 [October 21st, 2022]
In the Alphabet Soup of Regulations, the NSA, GFE and AEOB Have Yet to Coalesce - RACmonitor - October 6th, 2022 [October 6th, 2022]
Do not ignore any communication shared by NSCS, NSA: PM Modi to ministers - The Hindu - October 6th, 2022 [October 6th, 2022]
NSA Announces Date of the National Cryptologic Museum Grand Opening - National Security Agency - October 2nd, 2022 [October 2nd, 2022]
NSA and ACLU may face off in the Supreme Court over Wikipedia - Grid - October 2nd, 2022 [October 2nd, 2022]
The NSA is Here to Help | Decipher - Duo Security - September 27th, 2022 [September 27th, 2022]
Hollen, Raskin Join with NSA Bethesda Fire Fighters, IAFF Leaders to Highlight Progress on Efforts to Improve Base Conditions, Build New Facility |... - September 27th, 2022 [September 27th, 2022]
CISA, FBI, NSA, Treasury, Cyber Command, and International Partners Release Advisory on Malicious Cyber Actors Affiliated with Iranian Government... - September 20th, 2022 [September 20th, 2022]
NATFORCE: Buhari Finally Disbands Security Outfit After Senate Ignored NSA To Recognize Body The Whistler Newspaper - The Whistler Nigeria - September 20th, 2022 [September 20th, 2022]
China Accuses NSA of Hacking Its Military Research University - VICE - September 9th, 2022 [September 9th, 2022]
Behind the Toque: An Interview with NSA Noodle Bar Executive Chef Brooke Apfelbaum - greenpointers.com - September 9th, 2022 [September 9th, 2022]
In the Garden: Tour gives Omahans a chance to see how a 'Bloom Box' works - Omaha World-Herald - September 9th, 2022 [September 9th, 2022]
Three area teams pickup wins to start football season - The Suffolk News-Herald - Suffolk News-Herald - September 9th, 2022 [September 9th, 2022]
NSA to reveal identities of big men behind oil theft in Nigeria Presidency - Daily Post Nigeria - August 22nd, 2022 [August 22nd, 2022]
Former US Cyber Command and NSA chief makes the case for a cyber competition strategy | The Strategist - The Strategist - August 22nd, 2022 [August 22nd, 2022]
Inaugural India-Central Asia NSA meeting to be held in December - WION - August 22nd, 2022 [August 22nd, 2022]
Home | Open Source @ NSA - August 8th, 2022 [August 8th, 2022]
Kennesaw State named top institution for cybersecurity outreach - Kennesaw State University - August 8th, 2022 [August 8th, 2022]
US city of Boston to mark 75th anniversary of India's Independence with two-day extravaganza - NewsDrum - August 8th, 2022 [August 8th, 2022]
Pakistan's top probe agency to trace those behind online campaign against Army over Balochistan copter crash - ThePrint - August 8th, 2022 [August 8th, 2022]

Five ways to implement zero-trust based on NSA’s latest guidance – SC Media

The Prometheus League

Breaking News and Updates

Prometheism

Forbidden Fruit

The Evolutionary Perspective

Transtopia Menu

Library Updates

Library Books

Future Euvolution

Lucid Dreams from Childhood

Genetic Revolution

Speciation + Self-Directed Evolution