Why Businesses Should Follow Government In Adopting Zero Trust Cybersecurity Strategies
The Office of Management and Budget (OMB) released this week their strategy to move the U.S. government toward a “zero trust” approach to cybersecurity.
According to a memo from the OMB, “A key tenet of a zero trust architecture is that no network is implicitly considered trusted—a principle that may be at odds with some agencies’ current approach to securing networks and associated systems. All traffic must be encrypted and authenticated as soon as practicable.”
The OMB said the new strategy, “… is a dramatic paradigm shift in philosophy of how we secure our infrastructure, networks, and data, from verify once at the perimeter to continual verification of each user, device, application, and transaction.
The strategy represents another step in implementing President Joe Biden’s Executive Order on Improving the Nation’s Cybersecurity, which focuses on advancing security measures that reduce the risk of successful cyber attacks against the federal digital infrastructure.
‘A Long-Term Effort’
Tony Cole is a cybersecurity expert with more than 35 years’ experience and today is the Chief Technology Officer at Attivo Networks. He noted that, “Zero trust has been a model that’s been around for many years [and] quite frankly it’s high time every major enterprise gets on board with it.
“The concept of assuming you’re breached is really the kicker to change your entire model and detect attackers that sometimes [previously] had minimal effort…to move through a compromised enterprise.
“Zero Trust is certainly not a static thing, it’s a long-term effort and very dynamic journey requiring commitment across the company from the board to the help desk. At this point in time, many smaller companies will have a lot of challenges in attempting this journey, hopefully many of their managed services providers will help build a path for those less resourced to also be successful,” Cole concluded.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise