According to a recent report, data compromises in 2021 reached a record high with 1,826 reported occurrences, which is up 23 percent from the previous year. Moreover, over the past two years, 76 percent of IT managers experienced at least one ransomware attack. These statistics are alarming, but not surprising. As cyber incidents become more advanced, agencies and organizations must change their approach to security. One effective solution to this problem is implementing a Zero Trust Architecture.
For years, IT leaders across the federal government have focused on preventing breaches and keeping cyber attacks from penetrating the network. However, with the expanding nature of digital transformation, attacks are becoming more frequent and sophisticated. Therefore, it is essential for organizations to shift their mindset from merely preventing attacks to minimizing the impact of an attack and, finally, to assuming breach. The reality is that attacks are inevitable, and every organization is a potential target.
A Zero Trust architecture is a security model that goes beyond traditional security measures. It requires all users, whether inside or outside the organization’s network, to be authorized before being granted access to specific applications or data. This approach relies on three core principles: “assume breach,” “least privilege,” and “constantly verify.”
Zero Trust also takes a holistic view of users and centers on five core pillars: identity, devices, networks, applications and workloads, and data. When implemented effectively, Zero Trust Segmentation (microsegmentation) can stop the lateral movement of cyberattacks and quickly minimize the impact of an attack.
In the case of microsegmentation, imagine a hotel. Just because someone can bypass firewall defenses and reach the hotel lobby does not mean they have automatic access to a room. Every room has a keycard, and guests can only access their room once they are checked in and their access (via personalized keycard) is granted. Additionally, if someone tries to access their room after check-out time, their access will be denied.
Microsegmentation is the foundational component of the workload and application pillar of Zero Trust and plays a critical role in establishing any resilient security strategy. In fact, having a microsegmentation solution is essential to having an effective Zero Trust security stack.
While many federal agencies recognize the importance of microsegmentation, it is important to understand that resilience requires a coordinated effort. To successfully implement microsegmentation and assume breach, agencies can create a Zero Trust Task Force and begin with a network map. Agencies should start with real-time application and workload visibility into their network. This will provide them with the ability to find risky ports and prioritize where to start.
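The starting point described above (map observed traffic, find risky ports, decide where to begin), shown as an added example that is not from the original article or any vendor product. The workload names, flow records, risky-port list and allowlist are all constructed assumptions.

```python
from collections import defaultdict

# Constructed inventory: workload -> (application, tier). Hypothetical names.
WORKLOADS = {
    "web-1": ("payroll", "web"), "web-2": ("payroll", "web"),
    "app-1": ("payroll", "app"), "db-1": ("payroll", "db"),
    "hr-1": ("hr-portal", "web"), "jump-1": ("admin", "bastion"),
}
# Assumption: ports this example treats as risky for lateral movement.
RISKY_PORTS = {22: "ssh", 23: "telnet", 445: "smb", 3389: "rdp"}

# Constructed flow observations: (source, destination, destination port).
FLOWS = [
    ("web-1", "app-1", 8443), ("web-2", "app-1", 8443),
    ("app-1", "db-1", 5432), ("jump-1", "db-1", 22),
    ("hr-1", "db-1", 445), ("web-1", "db-1", 3389),
    ("web-2", "db-1", 3389), ("web-1", "web-2", 445),
]

def build_map(flows):
    """Aggregate raw flows into label-level edges: (src label, dst label, port) -> sources."""
    edges = defaultdict(set)
    for src, dst, port in flows:
        edges[(WORKLOADS[src], WORKLOADS[dst], port)].add(src)
    return edges

def risky_edges(edges):
    """Edges on risky ports, most exposed first (by number of distinct sources)."""
    hits = [(k, srcs) for k, srcs in edges.items() if k[2] in RISKY_PORTS]
    return sorted(hits, key=lambda h: (-len(h[1]), h[0]))

def allowed(policy, src, dst, port):
    """Default deny: a flow passes only if its label-level edge is in the policy."""
    return (WORKLOADS[src], WORKLOADS[dst], port) in policy

# Allowlist derived from the map after review: keep the application's own
# tier-to-tier paths and the bastion's SSH; everything else is denied.
POLICY = {
    (("payroll", "web"), ("payroll", "app"), 8443),
    (("payroll", "app"), ("payroll", "db"), 5432),
    (("admin", "bastion"), ("payroll", "db"), 22),
}

if __name__ == "__main__":
    for (src, dst, port), srcs in risky_edges(build_map(FLOWS)):
        print(f"{RISKY_PORTS[port]:>6} {src} -> {dst} from {sorted(srcs)}")
    for flow in FLOWS:
        print("ALLOW" if allowed(POLICY, *flow) else "DENY ", flow)
```

The ranked output puts the web-to-database RDP edge first because two workloads use it, which is the kind of prioritization signal a network map gives before any policy is enforced.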
Given the increasing sophistication and frequency of cyberattacks, a newfound emphasis on Zero Trust and resilience is one way to protect IT environments. By prioritizing Zero Trust technologies like microsegmentation early on, agencies and organizations can reduce cyber risk while accelerating Zero Trust outcomes. This ultimately empowers them to focus more time, energy, and resources on furthering other mission-critical objectives.
Mark Sincevich, Federal Director of Illumio, has 23 years of experience working with the DoD and Intelligence Community implementing technology solutions. He has also written numerous articles on the topic of cybersecurity and specializes in cyber and joint operations centers. With his extensive experience in the field, he recommends implementing Zero Trust architectures like microsegmentation to ensure IT security.