ZERO TRUST ARCHITECTURE
The National Security Agency (NSA) has recently released its comprehensive set of guidelines for zero trust network security. Entitled ‘Advancing Zero Trust Maturity Throughout the Network and Environment Pillar’, the cybersecurity information sheet provides guidance on how to strengthen internal network control and contain network intrusions to a segmented portion of the network using Zero Trust principles.
NSA Cybersecurity Director Rob Joyce says: “Organisations need to operate with a mindset that threats exist within the boundaries of their systems.
“This guidance is intended to arm network owners and operators with the processes they need to vigilantly resist, detect, and respond to threats that exploit weaknesses or gaps in their enterprise architecture.”
What does the NSA framework look like?
The framework represents a significant departure from traditional security models, emphasising a “never trust, always verify” approach. The NSA’s endorsement of this model is rooted in the recognition of evolving cyber threats and the imperative to safeguard national security interests in an interconnected digital landscape.
The zero trust guidelines emphasise several key recommendations:
• Network Segmentation: Dividing the network into smaller, discrete segments to impede lateral movement by attackers and minimise the impact of breaches.