NSA Details Seven Pillars Of Zero Trust

The National Security Agency (NSA) issued a Cybersecurity Information Sheet (CSI) that discusses limiting adversary lateral movement within an organization’s network to access sensitive data and vital systems.

This offers instructions on how to use Zero Trust principles to strengthen internal network control and restrict network intrusions to a segmented section of the network.

“This guidance is intended to arm network owners and operators with the processes they need to vigilantly resist, detect, and respond to threats that exploit weaknesses or gaps in their enterprise architecture”, NSA Cybersecurity Director Rob Joyce.

The NSA CSI defines zero trust (ZT) in Embracing a Zero Trust Security Model as a security strategy based on two key principles: acknowledgment of the ubiquity of cyber threats and removal of implicit confidence in favor of ongoing verification of all elements of the operating environment.

ZT implementation initiatives aim to improve cybersecurity defenses, responses, and operations gradually.

Seven Pillars Of Zero Trust

The seven pillars that comprise the Zero Trust framework are:

  • User
  • Device
  • Network & Environment
  • Data
  • Application & Workload
  • Automation & Orchestration
  • Visibility & Analytics
Seven pillars of Zero Trust

Using many essential features of each of the four networking and environment pillar capabilities, the ZT maturity model provides extensive network security such as Data flow mapping, Macro segmentation, Micro segmentation, and Software Defined Networking.

ZT architecture uses a secure network segmentation mechanism in addition to
securing network traffic with robust encryption and ongoing verification
of all users, devices, and data.

Defined procedures and security guidelines are essential for automation and orchestration, as are adaptable network features that allow for the dynamic isolation or modification of network segmentation as needed. 

Reports say sophisticated analytics keep an eye out for suspicious behavior on the network and in other events and activities.

All of these features support the ZT architecture and have the potential to significantly increase network security when used properly.

The network and environment pillar protects vital resources from unwanted access by defining network access, managing data flows, dividing workloads and apps, and utilizing end-to-end encryption.

This is achieved by combining software-defined networking (SDN) with appropriate macro- and micro-level network segmentation to provide centralized control and automation.

“Advancing Zero Trust Maturity throughout the User Pillar” is an extensive set of guidelines that the NSA released in April 2023 to help users in the zero-trust framework acquire certain levels of maturity.

Recommendation

The NSA strongly advises network owners and operators to enhance their network and environment by acquiring capabilities that correlate with the advanced maturity models outlined in this CSI.

“Network and environment security begins with an accurate inventory of all current data flows.

This ensures that access to these flows is properly protected, vetted, and appropriate”, the NSA said.

An organization should implement the following to improve its network and environment capabilities:

  • Map data flows based on usage patterns and operational business requirements.
  • Segment the network appropriately on both a macro and micro scale.
  • Employ SDN for automated tasking and centralized control.
  • Automate security policies to gain operational efficiency and agility.
  • Define access rules using risk-based approaches. These rules should contain precautions against allowing unauthorized or malicious traffic to flow across the perimeter, macro, and micro borders and onto network resources.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

11 hours ago

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…

12 hours ago

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

14 hours ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

18 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

19 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

19 hours ago