Top 3 Priorities for Zero Trust in 2023
- enero 05, 2023
One of the phrases I live by when implementing new concepts or technologies is “Think Big, Start Small, Scale Smartly” (apologizes to Jim Carroll, who coined a similar phrase 25 years ago), and this is an excellent approach to Zero Trust as well. Implementing Zero Trust is a big effort, but getting it right will pay dividends for years, if not decades.
When U. S. President Biden signed the Executive Order on Improving the Nation’s Cybersecurity, the intent was to establish a set of significant goals for government organizations. In the new year, it is now more important than ever to make progress toward these goals as risks and threats proliferate and new technologies advance. In the executive order, Biden placed specific emphasis on Zero Trust. The emphasis has garnered a lot of attention in the past year but also created confusion on where to start and how to proceed.
Start small on these big cybersecurity goals by establishing each of the three fundamental capabilities required for Zero Trust as your top three priorities in the new year. Considerable progress can be made if every organization focuses on these first steps:
- Authentication — Strong authentication of people, places, and devices will dramatically reduce the threat surface for your organization. If you don’t have strong authentication, make it a top priority. If you need to start small, focus first on the people and devices with elevated permissions, access to sensitive data, and significant decision-making authority.
- Monitoring — Moving from an opaque IT environment to current state-of-the-art monitoring capabilities can make a dramatic difference. The technology to monitor the environment for lateral movement, data loss prevention, suspicious behavior, and device and software patch/update status is now available and easy to implement. A high level of visibility allows for the CISO, CIO, and management to address issues quickly and effectively. Stating small would first involve focusing on monitoring cloud storage (OneDrive, Box, Dropbox, etc.) and email, as these cloud services have a prolific set of monitoring tools.
- Authorization — This is the most difficult of the three capabilities. A good starting point would be to provide your workforce with the ability to label sensitive information. To start small, focus on a minimal set of labels applied to email and cloud storage. These areas are often riddled with sensitive information that is not well protected. Once the information is labeled, you can use the enhanced monitoring and robust authentication to ensure sensitive information is protected.
One of the significant benefits of Zero Trust Architecture is the ability to evolve the implementation and focus on effective risk mitigation strategies for organizations. By enhancing authentication, monitoring, and authorization, most organizations can dramatically reduce their threat profile and set themselves up to scale smartly.
Make these three capabilities your top priority to feel secure and stable as you step into 2023 in the cybergame.