Monday, October 7, 2024
Homecyber securityNSA Details Seven Pillars Of Zero Trust

NSA Details Seven Pillars Of Zero Trust

Published on

The National Security Agency (NSA) issued a Cybersecurity Information Sheet (CSI) that discusses limiting adversary lateral movement within an organization’s network to access sensitive data and vital systems.

This offers instructions on how to use Zero Trust principles to strengthen internal network control and restrict network intrusions to a segmented section of the network.

“This guidance is intended to arm network owners and operators with the processes they need to vigilantly resist, detect, and respond to threats that exploit weaknesses or gaps in their enterprise architecture”, NSA Cybersecurity Director Rob Joyce.

- Advertisement - EHA

The NSA CSI defines zero trust (ZT) in Embracing a Zero Trust Security Model as a security strategy based on two key principles: acknowledgment of the ubiquity of cyber threats and removal of implicit confidence in favor of ongoing verification of all elements of the operating environment.

ZT implementation initiatives aim to improve cybersecurity defenses, responses, and operations gradually.

Seven Pillars Of Zero Trust

The seven pillars that comprise the Zero Trust framework are:

  • User
  • Device
  • Network & Environment
  • Data
  • Application & Workload
  • Automation & Orchestration
  • Visibility & Analytics
Seven pillars of Zero Trust

Using many essential features of each of the four networking and environment pillar capabilities, the ZT maturity model provides extensive network security such as Data flow mapping, Macro segmentation, Micro segmentation, and Software Defined Networking.

ZT architecture uses a secure network segmentation mechanism in addition to
securing network traffic with robust encryption and ongoing verification
of all users, devices, and data.

Defined procedures and security guidelines are essential for automation and orchestration, as are adaptable network features that allow for the dynamic isolation or modification of network segmentation as needed. 

Reports say sophisticated analytics keep an eye out for suspicious behavior on the network and in other events and activities.

All of these features support the ZT architecture and have the potential to significantly increase network security when used properly.

The network and environment pillar protects vital resources from unwanted access by defining network access, managing data flows, dividing workloads and apps, and utilizing end-to-end encryption.

This is achieved by combining software-defined networking (SDN) with appropriate macro- and micro-level network segmentation to provide centralized control and automation.

“Advancing Zero Trust Maturity throughout the User Pillar” is an extensive set of guidelines that the NSA released in April 2023 to help users in the zero-trust framework acquire certain levels of maturity.

Recommendation

The NSA strongly advises network owners and operators to enhance their network and environment by acquiring capabilities that correlate with the advanced maturity models outlined in this CSI.

“Network and environment security begins with an accurate inventory of all current data flows.

This ensures that access to these flows is properly protected, vetted, and appropriate”, the NSA said.

An organization should implement the following to improve its network and environment capabilities:

  • Map data flows based on usage patterns and operational business requirements.
  • Segment the network appropriately on both a macro and micro scale.
  • Employ SDN for automated tasking and centralized control.
  • Automate security policies to gain operational efficiency and agility.
  • Define access rules using risk-based approaches. These rules should contain precautions against allowing unauthorized or malicious traffic to flow across the perimeter, macro, and micro borders and onto network resources.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hybrid Analysis Utilizes Criminal IP’s Robust Domain Data for Better Malware Detection

Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA,...

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files

The researcher investigated the potential security risks associated with debugging dump files in Visual...

Cacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been identified in the Cacti network monitoring tool that...

Microsoft & DOJ Dismantles Hundreds of Websites Used by Russian Hackers

Microsoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519

A critical vulnerability in Zimbra's postjournal service, identified as CVE-2024-45519, has left over 19,600...

Hackers Attacking AI Agents To Hijacking Customer Sessions

Conversational AI platforms, powered by chatbots, are witnessing a surge in malicious attacks, which...

Malicious App On Google Play Steals Cryptocurrency From Android Users

Cybercriminals have shifted their focus to mobile devices, targeting users with a malicious crypto...