Insight by Symantec

Agencies need to reduce cyber complexities, move to a software-defined perimeter to achieve zero trust

The Move to Zero Trust

Whether it’s DoD or the civilian agencies, they are all looking at moving to a zero trust framework and how to move toward zero trust.

Cybersecurity Trends

With a virtual private network today, once you are in, you are in. Software-defined perimeter provides you least privileged access and you can enforce your security policy at a very granular level to the remote user where they reside, not once they are in your network.

The latest cybersecurity data released in June under the President’s Management Agenda showed progress in protecting systems and data almost across the board.

The Office of Management and Budget says 22 of 23 civilian CFO Act agencies are protecting at least 95% of their mobile devices with a mobile device manager that can wipe the phone or tablet remotely if it’s lost.

OMB says 18 of 23 agencies now have the ability to detect unauthorized software and alert the security operations center, while only 9 of 23 agencies have the ability to alert the security operations centers if an unauthorized hardware device connects to the network.

Agencies also have improved how they protect data and limited who has access to data and when through enhanced identity and credential access management efforts.

All of these continued efforts–many of which have been going on for more than a decade–are moving agencies toward implementing a zero trust framework.

Each of these initiatives are part of creating an approach that understand who is on the network, what they are doing on the network and what data they are accessing.

Agencies have made good progress knowing who is on the network, but most departments still need to improve their understanding of why the user is accessing the data and what they are doing with it.

Federal Chief Information Officer Suzette Kent recently said getting down to that next layer and being able to track, monitor and determine if it’s acceptable is the next focus area for OMB.

Kent said OMB and the CIO Council is working with the National Institute of Standards and Technology to assess current state of technology that fits under zero trust framework.

Chris Townsend, the vice president of federal at Symantec, said with all of these cybersecurity initiatives and expectations agencies must ensure they are on the right path in moving to zero trust, while also addressing challenges around mobility and cloud.

“Whether it’s DoD or the civilian agencies, they are all looking at moving to a zero trust framework and how to move toward zero trust,” Townsend said on the Innovation in Government show. “What is driving that is the move to the cloud, the move to mobility, these boundary-less network environments we are working in and how do we take full advantage of the agility and increased productivity of the cloud. We have to be able to transfer the security to the data and to the user no matter where the user is accessing the data from and no matter what device they are using. That is all about a zero trust architecture.”

Townsend acknowledged that zero trust maybe the latest buzzword across the federal market and that may not be a bad thing. He said agencies and industry need to grasp the fact that zero trust is not a product or group of products, but a discipline around security.

While many agencies are at a similar starting point in their move to zero trust, depending on capabilities from the continuous diagnostics and mitigation (CDM) program or through the protection of high-value assets, Townsend said agencies should consider two important first steps.

First, organizations should simplify their cyber architectures and tools.

Second, agencies should implement software-defined perimeter technologies.

Townsend said the initial step to reduce the complexity of an organization’s cybersecurity architecture is to take an inventory of the current set of tools. Then, the organization should figure out the duplication of software and applications and decide which ones to keep.

“If you think about how security environments were built out, they were built out reactively. There was a threat, you evaluate a tool to solve the problem and then you buy the tool,” he said. “What has happened is lot of vendors have made acquisitions and built additional capabilities in those tools over time, and if you put up a Venn diagram, there’s 65% to 70% overlap in capability between multipole tools in your environment. And each one of those tools requires separate maintenance contracts, they have separate operating consoles and you need people trained on them, so the cost and complexity of operating so many tools is unsustainable.”

Townsend said a good security posture is one that removes complexity and makes it easier for cyber analysts to understand the threats and vulnerabilities.

Symantec helped a large financial organization simplify their environment by consolidating tools and reduced operating costs by $20 million a year.

Townsend said the second piece, software-defined perimeters, is at the heart of the zero trust framework because it lets users access only the applications and data that they are permitted to see.

“With a virtual private network today, once you are in, you are in,” he said. “Software-defined perimeter provides you least privileged access and you can enforce your security policy at a very granular level to the remote user where they reside, not once they are in your network.”

Townsend said as more and more employees depend on mobile devices and more connected devices come on the network, it becomes more important for agencies to reduce the complexity of cyber architectures and use software that can be easily updated and modified to protect against the latest threats.

 

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton suite of products for protection at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on FacebookTwitter, and LinkedIn.

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.