Membership is FREE!   Professional Designations for Business & Technology Professionals

Cybersecurity

CISOs on CISOs: A Discussion on Zero-Trust Network Access

2 Mins read

With an ever-expanding digital infrastructure, an increasingly sophisticated threat landscape, and a growing skills gap, IT and OT leaders are facing pressure daily to establish and maintain trust in their networks. The situation has become even more challenging in recent months with the need to secure remote work around the world.

To find out more about these challenges, we met digitally with two of Fortinet’s Field CISOs – Alain Sanchez and Courtney Radke – to discuss the need for implementing Zero-Trust Network Access in today’s evolving networks and expanding threat landscape.

Q: Can you share some perspective on why Zero-Trust Network Access is more critical than ever?

Alain – The sophistication of the threat landscape has extended to new classes of attacks that aim at inflicting damages while remaining silent. They are targeting IT and OT devices, and the industrial systems that manage production in segments such as manufacturing, energy, and pharmaceutical. And now, the current pandemic is accelerating the need for full automation of production.

As production relies more and more on sophisticated regulation, no sensor, application, or user should by default be allowed to influence the running of any critical infrastructure or process. Due to the precision and speed of production required, any malicious order or fake value sent into the process can have devastating effects.

Access to network resources can be compared to the physical access to a controlled building. The default state of all entry doors need to be set to “closed.” Access rules needs to be dynamically refreshed with real time authentication systems. An individual’s credentials should not just be established at the exterior door, but throughout the building. And the overall behavior of that individual while inside the building should be monitored against a machine-learning baseline profile so that actions can be taken should that individual begin behaving badly.

This holistic vision of a trust that is continuously earned rather than granted once for all access requires a full integration of the entire security ecosystem. The moment you have a subcomponent that can’t be pinged and dynamically compared to a model of how it is supposed to behave, you’re in danger of breaking the security chain. As CISOs discover such weak links within their controlled systems, they have to make hard decisions about who is allowed to do what. The best solution is to opt for a scalable security system that can establish and monitor a Zero-Trust Network Access model.

Q: The growth of devices is key to the need for ZTNA. Can you share some best practices for managing this exponential growth in terms of security?

Alain – Act quickly, never hastily. Similarly, exponential growth should not be a reason for trading security for speed. Of course, the CISO must be the guardian of this principle. Even if enterprises have to catch up on months of production and backorders, security must remain a priority.

The second ally of the security team is automation. Automation is an outgrowth of proper planning, and can save precious time in detecting and responding to threats. Once a ZTNA policy has been designed and adapted to the level of risk that your business is comfortable with, the deployment of that policy then needs to be orchestrated to reach the level of scalability required in large infrastructures.

Q: Where are the…

 

Read The Full Article

Related posts
BlockchainCybersecurity

Bitcoin: $1bn seized from Silk Road account by US government

1 Mins read
More than $1bn (£772m) in Bitcoin linked to the notorious Silk Road website has been seized by the US Department of Justice…
Cybersecurity

Over 200 Documented Blockchain Attacks, Vulnerabilities and Weaknesses

3 Mins read
By Kurt Seifried, Chief Blockchain Officer at Cloud Security Alliance Blockchain attacks are very hot right now for one simple reason: it’s…
Cybersecurity

The CISO’s Dilemma: Balancing Security, Productivity With a Housebound Workforce

3 Mins read
How are CISOs managing the tug-of-war between IT security and worker productivity in this new, remote-first era? Before the pandemic, remote work was already…
Join BIZTEK

Yes, I have read and live by this Code of Ethics - https://biztek.org/code-of-ethics/. We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at info@biztek.org or call us at 647 499 2744. You can unsubscribe at any time.