Securing the Perimeter: The Urgency of Protecting Digital Borders

We are on the road to Zero Trust security, with an architecture broadly understood to have the potential to fundamentally change the effectiveness of protection and data sharing across the world’s most mission-critical and largest networks.

Zero Trust approaches can better track and block external attackers while limiting security breaches resulting from internal human error. From a data sharing perspective, Zero Trust can better manage rules of access for users and devices to facilitate secure sharing, from the data center to the far reaches of the network and device edge.

Depending on the architecture, a solid Zero Trust implementation makes it easier – not harder – to rapidly adopt and implement critical network technologies supporting cloud computing, artificial intelligence, machine learning, and more.

In both public and private organizations, in 2021, cybersecurity is at a critical moment. Enterprise networks are growing in size and complexity, requiring massive amounts of rapid data transfer and supporting an explosion of remote workers brought on by the COVID-19 pandemic.

This expansion is stretching existing cybersecurity solutions to their breaking point, as more remote users and endpoints increase the attack surface of the network and make all its systems vulnerable. As a result, public and private sector decision-makers are reassessing the current definition of “perimeter” security and are considering and adopting Zero Trust, which is proving to be a game-changer for the improvement of security across the most complex, essential networks.

We asked Orhan Yildirim, CTO of Ironsphere, a company specializing in Privileged Access Management and Privileged Identity Management and a pioneer in Zero Trust Architecture (ZTA) with several years head start, given their cloud-based methodology.

“Zero Trust can significantly offset vulnerabilities and threats across networks by creating discrete, granular access rules for specific applications and services served by the network,” Yildirim said. “Many of the widely report cases of severe network breaches could have been prevented by using basic zero trust principles. When an individual is given broad system administrator privileges within the critical systems and networks, they can access tremendously valuable resources and files. We no longer can tolerate blind trust in users and devices, especially as the perimeter morphs and becomes more difficult to manage without a physical perimeter per se.”

The rapid evolution and expansion of the digital world has come with a growing number of increasingly sophisticated cyber threats. But despite these developments, cybersecurity practices have only made modest improvements over the past few decades. Early users relied on anti-virus scanning to detect and remove viruses from individual devices, and these practices ultimately evolved to include endpoint protection, threat detection, and response to defend the broader network, Yildirim explained.

“Five or ten years ago, networks had a limited number of endpoints and users, and subsequently could rely on software perimeter security, which emphasizes guarding the entry/exit points to the network by checking the user’s identity and the data packets that come in and out,” Yildirim said. “This has become strained by the volume and velocity of adding more and more remote users, and exponentially more devices, while adversaries continue to find creative methods of getting around traditional perimeter security, including social engineering attacks that manipulate users into giving away their credentials.”

Yildirim said their large enterprise clients, including global banks, pharmaceutical companies, telecom service providers, and others, are rapidly adopting software to, among other things, elevate situational awareness to enhance decision-making. “The challenge comes when massive data sharing in real-time across a wide, diverse set of systems and platforms continues to grow, with partners, third-party services, vendors, and others. We’re just at the beginning of this complexity and growth of the attack surface. 5G will drastically impact the future of global communication networks and fundamentally change the environment in which large enterprises operate, including essential companies like energy providers, whose grids are targets for adversaries.”

Yildirim explained that 5G will enable a higher volume of data to be shared between more systems and platforms at a faster rate and, while it has the benefits of improving operations and lowering costs, linking multiple systems into a broader network while sharing information in real-time needs to be protected with a Zero Trust model, including Privileged Access Management (PAM) for people, and Privileged Identity Management (PIM) for devices.

“When we add artificial intelligence and machine learning, we add more endpoints and data transfers within expanded networks, creating new opportunities for adversaries to target data and operational capability. They can bring businesses to a halt. As the attack surface expands, perimeter security will increasingly become overwhelmed, allowing more unauthorized users to slip into the network. Just as these technologies generate more data traffic, they will also enable the volume and speed of threats to increase, making it difficult for any perimeter security system to monitor and manage those threats. Without moving to Zero Trust and ensuring all elements are included in the modern security stack, organizations run the risk of compromising data, networks, and operations.”

Zero Trust operates on a “least-privilege access” model by only granting users and devices access to the applications, services, and data that are absolutely necessary for their role within an organization. By using “role” as a centerpiece for determining access, an organization can share its resources and data with more precision and quickly expand or limit a user’s access as he or she takes on different roles.

Zero Trust shifts the emphasis from the perimeter of a network to the discrete applications and services within a network, building more specific access controls to those specific resources. This method of wrapping security around applications and services is known as “micro-segmentation,” and it allows for more targeted security and management of access beyond traditional perimeter security.

We will continue to follow the rapid advancements in Zero Trust scenarios – a topic all OT and IT professionals should be aware of as they continue to transform their architectures.