The National Security Agency (NSA) issued a Cybersecurity Information Sheet (CSI) that discusses limiting adversary lateral movement within an organization’s network to access sensitive data and vital systems.
This offers instructions on how to use Zero Trust principles to strengthen internal network control and restrict network intrusions to a segmented section of the network.
“This guidance is intended to arm network owners and operators with the processes they need to vigilantly resist, detect, and respond to threats that exploit weaknesses or gaps in their enterprise architecture”, NSA Cybersecurity Director Rob Joyce.
The NSA CSI defines zero trust (ZT) in Embracing a Zero Trust Security Model as a security strategy based on two key principles: acknowledgment of the ubiquity of cyber threats and removal of implicit confidence in favor of ongoing verification of all elements of the operating environment.
ZT implementation initiatives aim to improve cybersecurity defenses, responses, and operations gradually.
Seven Pillars Of Zero Trust
The seven pillars that comprise the Zero Trust framework are:
- User
- Device
- Network & Environment
- Data
- Application & Workload
- Automation & Orchestration
- Visibility & Analytics
.webp)
Using many essential features of each of the four networking and environment pillar capabilities, the ZT maturity model provides extensive network security such as Data flow mapping, Macro segmentation, Micro segmentation, and Software Defined Networking.
ZT architecture uses a secure network segmentation mechanism in addition to
securing network traffic with robust encryption and ongoing verification
of all users, devices, and data.
Defined procedures and security guidelines are essential for automation and orchestration, as are adaptable network features that allow for the dynamic isolation or modification of network segmentation as needed.
Reports say sophisticated analytics keep an eye out for suspicious behavior on the network and in other events and activities.
All of these features support the ZT architecture and have the potential to significantly increase network security when used properly.
The network and environment pillar protects vital resources from unwanted access by defining network access, managing data flows, dividing workloads and apps, and utilizing end-to-end encryption.
This is achieved by combining software-defined networking (SDN) with appropriate macro- and micro-level network segmentation to provide centralized control and automation.
“Advancing Zero Trust Maturity throughout the User Pillar” is an extensive set of guidelines that the NSA released in April 2023 to help users in the zero-trust framework acquire certain levels of maturity.
Recommendation
The NSA strongly advises network owners and operators to enhance their network and environment by acquiring capabilities that correlate with the advanced maturity models outlined in this CSI.
“Network and environment security begins with an accurate inventory of all current data flows.
This ensures that access to these flows is properly protected, vetted, and appropriate”, the NSA said.
An organization should implement the following to improve its network and environment capabilities:
- Map data flows based on usage patterns and operational business requirements.
- Segment the network appropriately on both a macro and micro scale.
- Employ SDN for automated tasking and centralized control.
- Automate security policies to gain operational efficiency and agility.
- Define access rules using risk-based approaches. These rules should contain precautions against allowing unauthorized or malicious traffic to flow across the perimeter, macro, and micro borders and onto network resources.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
 issued a Cybersecurity Information Sheet (CSI) that discusses limiting adversary lateral movement within an){kind=link}