Mohammad Jamal Tabbara, the Senior Manager for Technical Sales (Middle East, Turkey, and Africa) at Infoblox, says there is growing interest in implementing Zero-Trust principles and related technologies.
How has the Zero Trust Network Architecture evolved since it was first coined in 2010?
Zero Trust Network Architecture has been evolving since its inception in 2010 to include the latest technologies, best practices, and recommended cybersecurity frameworks. Initially, it was built on the principle of not trusting any user or device trying to connect to the network, or trying to access applications and data, unless such users and devices are being verified and have the right privileges of access and authorisation.
One compelling cybersecurity practice for defending organizations against malicious activities is the deployment of a solution for securing DNS since 91% of malware use DNS in their life-cycle. Zero-Trust architectures have become a means for modern enterprises and government institutions to secure sensitive data in the face of digital transformation and the loss of the traditional network perimeter as we move to borderless network architectures.
Do you believe that technologies that support zero trust are moving into the mainstream?
No doubt that technologies that enable Zero Trust are gaining wider adoption and interest. As more organizations are adopting work-from-home business models and embracing cloud-based services (SaaS/IaaS/PaaS), the need for secure access to sensitive data and resources has become increasingly critical.
As a result, there is growing interest in implementing Zero Trust principles and related technologies, such as Data Protection, Identity and Access Management solutions, Visibility, Network Segmentation, Multi-factor authentication, and more. We will increasingly start hearing more about AI-based technologies being integrated with or within the Zero-Trust model.
At the same time, traditional Work-from-Office organizations continue to improve their cybersecurity posture and protect against evolving threats with Zero Trust. In other words, the Zero-Trust model is suited for both traditional as well as modern networks.
Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?
No doubt! The changing nature of IT and business services, and the technologies that empower such services, would mean that organizations must continuously re-evaluate and assess new ways of architectures and practices to address evolving security threats.
Zero-Trust is not a set-in-stone model or a network architecture. It can evolve to address new challenges and threats, such as AI adoption by malicious activities. In other words, organisations should consider leveraging AI and Machine Learning (ML) to detect and respond to threats in real-time, and they should continuously update their security protocols to stay ahead of emerging threats. Regular employee training and awareness programs can also help mitigate risks, which is often a leading cause of security breaches for now.
How can companies get started with zero trust?
First, you need to have the buy-in from all the C-levels of the organization, led by a CIO or CISO’s conviction. Second, acquiring the right skill sets, whether with training and/or hiring is at the top of the list as an action item. Third, organizations should identify their critical assets and determine who needs access to them, from where, and when.
Fourth, you need to identify the technologies and potential vendors you would require, by inviting relevant manufacturers and solution integrators for discussions and demos. Fifth is budgeting. This is where you need to determine the budget based on the potential risks that you could have, and then prioritize it. And lastly, implementing the technologies and utilising them to their maximum potential.
Overall, companies should take a holistic and planned approach to Zero Trust, integrating it throughout their entire IT infrastructure and organization.
Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?
Today AI can be leveraged by malicious activities, and it might be an advantage to bad actors on one hand. Yet on the other hand, the Zero Trust model should evolve so that the existing AI and machine learning technologies learn to identify and mitigate security risks. By analyzing data from various sources and detecting anomalous behavior, AI-powered security tools can help organizations prevent attacks before they occur.
However, with potentially having AI on the offensive side of the threat versus AI on the defensive side of the organization, adopting such a new approach requires a fundamental shift in mindset and a commitment to integrating the latest cybersecurity and practices throughout all aspects of the IT infrastructure, from the network to applications, users, and devices.
With AI, the volume and destruction of cyber-attacks will be extreme to unprecedented or even unimagined levels, disrupting human lives and putting nations into chaos. Zero-Trust would then need to further evolve, to alleviate the damage that AI can bring when leveraged by malicious activities.
What according to you are the limitations of zero trust?
Zero-Trust is easier said than done! In fact, you are never really done with Zero-Trust in such a dynamic world, where AI will be a major threat to organizations and nations.
But here are some of the limitations:
- Implementation complexity. Requires skill sets, talent, buy-in from stakeholders, and time-consuming exercises.
- Budget and cost. Implementing a Zero Trust model can be expensive, especially for small and medium-sized businesses that may lack the resources to implement and maintain the required security tools and technologies.
- The friction of adoption. One example: Zero Trust requires users to authenticate and re-authenticate frequently, which can lead to increased user friction and frustration. This can lead to users finding workarounds that weaken the security posture of the organization.
- Lack of visibility. One example is that having a Secure DNS is often overlooked, along with a common lack of visibility into DNS & IP address management services.