#GartnerSEC: Moving Towards an Explicit Zero Trust Model of Cybersecurity

The notion of zero trust in cybersecurity is a misunderstood term, according to Neil MacDonald, VP and distinguished analyst at Gartner. Speaking during the Gartner Security and Risk Virtual Summit, MacDonald noted that extending trust is in fact necessary for organizations to work efficiently.



The main issue is too much “implicit trust” in existing security practices that are based on physical location, ownership and control. This does not work well in a modern digital business, in which there are multiple devices used across multiple locations. Instead, “our goal is to replace that implicit trust with continuously assessed explicit trust levels based on risk,” explained MacDonald.



Ultimately, zero trust is moving away from a traditional perimeter-based model, where physical locations define trust, to a model in which explicit trust is decided based on various factors, including identity, location, user behavior and sensitivity of the data being handled.



For organizations to apply such an approach successfully, the first focus should be on zero trust networking, according to MacDonald. This is because the TCP/IP network was built at a time when trust could be assumed, but things have changed significantly. “IP addresses are weak identifiers at best and they can easily be spoofed,” he noted. This means authentication needs to take place before a connection is granted, rather than afterwards.



Legacy VPNs, which grant access externally, are therefore not fit for purpose and must be phased out. MacDonald commented: “We want to adopt a way of thinking which says the network location doesn’t matter, the network’s always untrusted; always assume it’s compromised, everything needs to be encrypted.”



Then from the ..
