The first step should be an investigation and analysis of what your sensitive data is, where it lives, and who accesses it. Then analyze the three Foundational Pillars (see below) to see where you are with the necessary people, process, and technology basics. Most organizations should leverage the resources and technologies they already have in place, and understand where the gaps are so they can address them over the next one to three years. Cisco Advanced Security Services can help you with this analysis, strategy, and implementation work.
The three Foundational Pillars are:
- Zero Trust Platform
- Security Automation and Orchestration
- Security Visibility and Analytics
These Zero Trust Foundational Pillars work well whether you use the CIS 20, NIST 800, or ISO 27000 family of cybersecurity frameworks. A few key things you need for all of them include:
- Segmentation, privilege escalation monitoring, and multi-factor authentication
- Inventory of your hardware and software plus application flows
- What your key risks are (threats, brand image, fines, and compliance)
- Understand what your top 50 pieces of sensitive data are
- Understand where your top 50 pieces of sensitive data presently reside
- Who is after this information? What are their capabilities?
A quick high-level overview of the three foundational pillars, based on information from Forrester Research:
- Zero Trust Platform
  - Data security, which is ultimately a technology solution: managing the data, categorizing and developing data classification schemas, and encrypting data both at rest and in transit
- Security Automation and Orchestration
  - Security and risk leadership leveraging tools and technologies that enable automation and orchestration across the enterprise.
  - The ability to have positive command and control of the many components that are used as part of the Zero Trust strategy.
- Security Visibility and Analytics
  - You can't combat a threat you can't see or understand. Tools such as traditional security information management (SIM), more-advanced security analytics platforms, security user behavior analytics (SUBA), and other analytics systems enable security professionals to know and comprehend what's taking place in the network.
  - This focus area of the extended Zero Trust ecosystem covers the ability of a tool, platform, or system to empower the security analyst to accurately observe threats that are present and orient defenses more intelligently.
Do a workshop with Cisco Advanced Services so you understand what the gaps are, how best to address them, and how to prioritize your work. This end-to-end approach will help you address your key use cases and get the outcomes you need.
Be sure to take into consideration the core principles that make up Zero Trust:
- Identify and Catalog your Sensitive Data
- Map the data flows of your sensitive data
- Architect your Zero Trust network
- Create your automated rule base
- Continuously monitor your trusted ecosystem
We have the product and services experience to help you determine a practical systems approach to Zero Trust. Reach out to your Cisco Security Services team so we can help guide you through this.
For more Zero Trust information, read the first blog in the series.
We have additional blogs on Zero Trust planned for August, September, and October.