Organizations across all industries experienced a surge of ransomware attacks last year as cybercriminals extracted $1.1 billion in payments from victims. To thwart these bad actors and improve network security, the National Security Agency (NSA) released a new cybersecurity information sheet: Advancing Zero-Trust Maturity Throughout the Network and Environment Pillar. <\/p>\n
As the creator of zero-trust, Im pleased to see the NSAs document emphasizes a paramount, yet frequently overlooked element of zero-trust security: segmentation. <\/p>\n
I have long advocated that segmentation stands as the fundamental essence of zero-trust. However, in recent years, there has been a noticeable tilt toward the Identity pillar of zero-trust, leaving network security controls vulnerable both on-premises and in the cloud. <\/p>\n
As the attack surface expands and the digital landscape grows increasingly interconnected, segmentation of on-premise networks, cloud, multi-cloud, and hybrid environments becomes imperative for organizations to fortify resilience and establish enduring zero-trust architectures. <\/p>\n
The NSA also recognizes the importance of \"data flow mapping.\" Flow mapping has been a focal point of my zero-trust advocacy since its early days. Understanding system interconnections is essential for successfully architecting zero-trust environments. <\/p>\n
NSAs document also underscores the significance of network security technologies in establishing a zero-trust environment. Organizations, whether on-premise or in various cloud environments have largely overlooked the importance of network security controls. I think of network security as the cornerstone of zero-trust, particularly in combating ransomware attacks that jeopardize essential services and disrupt everyday life. <\/p>\n
The NSA has reaffirmed this pivotal role of network security, finally granting zero-trust segmentation (ZTS) the recognition it deserves. This guidance should help organizations comprehend the importance of the Network pillar within zero-trust and encourage them to pursue network security technologies as they progress toward implementing a zero-trust architecture. <\/p>\n
As global connectivity grows, the attack surface expands. Thats why its imperative for organizations to delineate, map, and fortify their most critical Protect Surfaces within their zero-trust environments. <\/p>\n
I hope the NSAs recommendations convince more organizations to implement zero-trust as they cope with the ever-changing cybersecurity landscape. These zero-trust principles have become mainstream across various industries and organizations of different sizes. As cyber threats evolve, more companies will recognize the need to implement a zero-trust approach to protect their digital assets. <\/p>\n
Here are my recommendations for how to implement zero-trust effectively: <\/p>\n
I commend the NSA for issuing its latest guidance because its a significant endorsement of the effectiveness and significance of ZTS, offering invaluable guidance for organizations seeking to fortify their cyber resilience amid the ever-changing threat landscape. Its impossible to prevent all cyberattacks, but implementing a zero-trust model will significantly reduce the potential damage and strengthen any organizations security posture. <\/p>\n
John Kindervag, chief evangelist, Illumio <\/p>\n
<\/p>\n
See original here: Organizations across all industries experienced a surge of ransomware attacks last year as cybercriminals extracted $1.1 billion in payments from victims. To thwart these bad actors and improve network security, the National Security Agency (NSA) released a new cybersecurity information sheet: Advancing Zero-Trust Maturity Throughout the Network and Environment Pillar. Continue reading
\nFive ways to implement zero-trust based on NSA's latest guidance - SC Media<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"