The growing sophistication of smart devices, the emergence of the cloud, and the requirement for employees to work away from the office have all contributed to the widening perimeter of an enterprise’s workforce. As companies can no longer assume that verified or trusted devices and individual identities are secure, the Zero Trust strategy has emerged to allow SOC teams and CISOs to make more informed decisions based upon risk insight rather than legacy security architectures.
Verify… Then Trust
Those who have been in the cybersecurity industry for a while may recognise the saying, “trust, then verify”. But due to the fact that organisations’ changing environments have become more vulnerable and that threat actors have become more stealthy and opportunistic, the adage needs an update to read, “verify… then trust.” This is why starting your cyber health journey no longer begins and ends by installing a cybersecurity product. IT Teams must rather begin by adopting a philosophy, approach, strategy; Zero Trust. Trend Micro VP of Market Strategy, Eric Skinner, explains that there is an “inherent trust” organisations have in their architecture, and Zero Trust is prohibiting attackers from piggybacking on that trust.
Risk Insight is the Foundation of Zero Trust
As the key security capabilities supporting this strategy have begun to take hold across the industry, there has been an effort from some vendors to redefine legacy products as Zero Trust in order to capitalise on the market awareness. But in fact, the newer capabilities for delivering meaningful risk insights are essential to an effective implementation of a Zero Trust strategy, meaning that IT teams require broad visibility into threats and posture to properly mitigate the complexity that often exposes vulnerabilities in an organisation’s environment. The advent of extended detection and response (XDR) solutions have allowed for greater and richer visibility and have set the stage for this strategy to take hold. As XDR provides insight into suspicious activity in an environment, the cross-layer sensors gather data from endpoints, email systems, cloud, container, and server workloads, and network stacks, allowing SOC teams and CISOs to more effectively look at the overall health of their organisation and individual users.
And Security Posture is the Secret Weapon
The fact that risk insights are derived from continuous assessment to inform control decisions makes security posture such an important concept. It’s been found that the health of devices shouldn’t be based exclusively on threat activity, but the security posture of that device as well. Zero Trust is about looking to see if a device has been properly configured, whether it harbours vulnerabilities in the operating system or applications, or if secure access has been compromised. Providing risk insights through APIs allows decision-makers to view trends over time and explore the particular reasons why device health scores are high or low and what needs to be done to bolster these scores. It's about powering decisions in an automated way.
Want more insight on Zero Trust and where this strategy is can take your security team? Watch An Expert Discussion on Zero Trust and hear the full conversation between Eric Skinner, VP Corporate Development and Greg Young, VP of Cybersecurity.