Zeroing in on Zero Trust
How far along is your organization on its Zero Trust journey? If you’re a CISO or other security leader, recent and forthcoming government mandates have added to the urgency of modernizing security posture in the face of today’s complex threat landscape.
Chances are you and your board already know this and are looking for answers. That explains why achieving Zero Trust ranked as the top CISO concern, cited by 44 percent of the 1,000-plus CISOs and other security leaders who took part in the Gigamon 2024 Hybrid Cloud Security Survey. Transitioning to a Zero Trust security architecture over the next 18 months is a key priority for 80 percent of organizations that participated in the study.
Such urgency comes from U.S. and other government directives to adopt Zero Trust policies. Just over half (53 percent) of the respondents in the Gigamon study said they are currently required by their government to follow Zero Trust. In the U.S., for example, the Biden administration’s Executive Order on Improving Cybersecurity requires all federal agencies to operate within a Zero Trust framework by September 2024.
Zero Trust Security for Hybrid Cloud Networks
As the modern standard for robust cybersecurity, Zero Trust requires all users and resources to be authenticated, authorized and continuously validated to access applications and data. While there are many Zero Trust frameworks, the original “Zero Trust Model” from 2009 is a nice simple starting point:
- Ensure all resources are accessed securely regardless of location
- Adopt a least privilege strategy and strictly enforce access control
- Inspect and log all network traffic
Since 2009, it’s become clear that Zero Trust cannot exist only at the network edge, or only in selected public cloud workloads; it must apply everywhere: on-premises networks (both physical and private cloud), public clouds and the edge. While most organizations have already adopted basics like Multi-Factor Authentication (MFA), too few are actually verifying that the communications among Users, Devices, Applications, Data, and Networks are safe and secure. The whole concept of Zero Trust requires continuous inspection of what is actually happening, eliminating implicit trust – even when a user satisfies an MFA challenge.
According to the U.S. National Security Agency, “Zero Trust integrates visibility from multiple vantage points, makes risk-aware access decisions, and automates detection and response. Implementing this framework places network defenders in a better position to secure sensitive data, systems, applications, and services.”
Many enterprises, agencies and institutions face challenges making this transition from a traditional “implicit trust” security framework, which requires a single validation of users within the organization’s network perimeter, rather than the continuous validation of all network users required by Zero Trust. This trepidation is reflected in the Gigamon survey, as nearly six-out-of-10 respondents (59 percent) expressed concern that Zero Trust requires too much oversight and too many resources to make it worthwhile.
Visibility & Analytics are not optional
In a recent podcast, Dr. Chase Cunningham, vice president of security market research at G2 and a Zero Trust pioneer, cautioned CISOs not to overthink Zero Trust. Instead, they should focus on protecting the core value of the business. “I happen to think you make a lot of difference with the right visibility and analytics tools — together with the appropriate identity and access management tools — and by tying those things together.”
He also offered advice to his fellow cybersecurity officers. “What CISOs and other security leaders need to realize is that your cloud provider is not responsible for the security of your data and applications. It’s on you to develop a security strategy that works within that cloud infrastructure,” he said.
From a security perspective, Cunningham said one of the worst things an enterprise can do is migrate to cloud without oversight into what’s really happening. “If you don’t have really good visibility and analytics and can’t see what’s going on inside the cloud infrastructure, you’re putting yourself into a really bad position,” he explained.
Zero Trust and the Need for Deep Observability
Organizations can continuously verify security of data communications and eliminate blind spots with the depth of insight that only comes from network-derived intelligence. Deep Observability brings visibility and analytics to any workload in any environment across the hybrid cloud. Such deep observability allows an enterprise to secure its data wherever it resides on the network, on-premises or in the cloud. Real-time visibility and deep observability are central to any Zero Trust initiative — something that was noted by four-out-of-five (82%) of the Gigamon survey respondents.
In a recent report, John Kindervag, chief evangelist at Illumio and the widely recognized ‘father of Zero Trust’, said, “Gaining complete visibility into the network is like lighting up the whole street. When it comes to implementing Zero Trust, this is the best place to start.”
Next Steps
The Gigamon Deep Observability Pipeline provides visibility into all network traffic — the level of real-time visibility and analytics required to successfully implement Zero Trust. For more information on Gigamon and its Zero Trust Security Framework, please reach out to us.