Insight by Splunk

Zero Trust Cyber Exchange: Splunk’s Bill Wright on helping IT teams, users make necessary mindset shift

There will be major tech investments, but the mindset shift required of IT and security teams — and everyday users too — might well be the toughest zero tru...


Zero Trust Cyber Exchange: Splunk

There’s a real need to have that very granular, continuous visibility into every component, including real time risk scores and the infrastructure in context, so that you’re able to evaluate the trustworthiness and, and do it confidently.

The Office of Management and Budget’s Zero Trust Strategy directs a range of agency actions aimed at revamping federal cybersecurity by the end of fiscal 2024.

But ultimately, migrating to a verify-then-trust model might come down to how well agencies can change the mindset of the people in their organizations, said Bill Wright, senior director for North American government affairs at Splunk.

“Despite what you hear, there is no single vendor that can provide a complete zero trust solution,” Wright said during Federal News Network’s Zero Trust Cyber Exchange. “That’s just a myth. There is no single technology. Of course, it’s a framework, a framework that’s made up of interlocking technical, but also business, architectures. So the best zero trust approaches are going to include programmatic and organizational changes. It’s going to incorporate technology, policy and even culture.”

The latter element may be most important aspect in the shift away from traditional perimeter security approaches, Wright suggested.

Zero trust hinges on people

“There are some aspects of zero trust that seem counterintuitive to a lot of IT teams that have been trained on decades of perimeter oriented, defense-in-depth strategies,” he said. “Zero trust requires a change in that mindset from defending that perimeter to literally defending everywhere, inside as well. And this is a fundamental shift in mindset.”

Among the key actions called for in the lengthy OMB strategy is the directive that agencies “maintain a complete inventory of every device authorized and operated for official business and can prevent, detect and respond to incidents on those devices.”

It further calls for agencies to deploy robust endpoint detection and response tools widely across their networks. The upshot is agencies are attempting to identify, monitor and analyze a growing range of devices and corresponding data across increasingly complex networks, Wright said.

A need for deep visibility

“While there’s an ocean of information, many organizations, including most of our federal agencies, really lack the visibility across their infrastructure and cloud components — and connected devices — to make those confident decisions,” he said. “There’s a real need to have that very granular, continuous visibility into every component, including real-time risk scores and the infrastructure in context, so that you’re able to evaluate the trustworthiness and do it confidently.”

The zero trust strategy is underpinned by a range of well understood technologies and approaches. Many of them were also called out in the Biden administration’s expansive cybersecurity executive order, a “shock and awe document,” Wright said. The EO keyed in on several fundamental security practices, including multifactor authentication, encryption and logging requirements.

The zero trust strategy takes those practices a step further by aligning them under an architecture that seeks to verify “anything and everything attempting to establish access,” according to the White House strategy. The effort cuts across distinct mission and business areas ranging from identity, devices, networks, applications and workloads, and data.

But in the end, it’s still a people challenge, Splunk said. Agencies must find the perfect balance in this new security realm between making security seamless and protecting their chief asset: data.

“If users find zero trust cumbersome or slow, they’re going to find workarounds — it’s human nature — and that undermines the goals and the protections.”

To listen to and watch all the sessions from the 2022 Federal News Network Zero Trust Cyber Exchange, go to the event page.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.