People Get Ready!: Mapping Zero Trust Principles to Zero Day Realities

Two of the most relevant, if trendy, topics in cybersecurity today relate to the starting point — the “ground zero” of attacks — from both the attacker’s and the defender’s perspective. The most useful weapons in the attacker’s arsenal are Zero Day attacks; that is, previously unknown or unseen attacks. Such attacks are especially pernicious because there is no bespoke, pre-existing defender countermeasure. There is no snort signature, no specifically predefined pattern of behavior to look for, no TCP port to lock down. In that…

Why the World Needs ZTNA 2.0

Interest in Zero Trust has exploded recently, partly due to its catchy name and seemingly broad usage throughout the cybersecurity industry (Zero Trust washing?). But there is also another, more compelling reason for the rise in interest in Zero Trust – we really need it. When speaking with customers, many of them tell me they are struggling to get a handle on the risks associated with hybrid work and direct-to-app connectivity. The new reality is that our attack surfaces have expanded dramatically while cyberattacks…

3 User Access Scenarios Where ZTNA Can Help in 2022

As hybrid work is here to stay for the vast majority of organizations, there are three secure user access scenarios that most affect an organization: remote employees; branch offices; and accommodating new, contingent, or traveling workers. Remote employees: Every remote employee is essentially an internet gateway. With remote access services transitioning to identity-based controls, attackers will be opportunistic by targeting credentials. And why not? Let’s think about digital access the same way we think about physical access to a building. What’s easier for gaining access…

Zero Trust: An Overnight Sensation Decades Later

Introduction: Years after the term was coined by Stephen Paul Marsh in 1994 and popularized by John Kindervag more than a decade ago, Zero Trust has become the “new” security solution that addresses the confluence of today’s three critical factors and the emergence of what amounts to a cyber-war on businesses and governments. Zero Trust switches the focus from outward-facing defense of a network perimeter to prevention of unauthorized exfiltration of data and other exploits. This short work looks at why it has become virtually…

Zero Trust: The Critical Essence – An Introduction

On January 12, 2010, Google published a blog post revealing to the world that it had been breached by attackers sponsored by a nation state. The attack is now known as ‘Operation Aurora’.[i] Subsequent investigations showed that many other enterprises and government organizations had also been breached by the same attackers. Among other things, these hackers were targeting source code repositories via software configuration management systems. Any entity that had already breached perimeter network security and had created a presence on an internal system could reach…

Application Architectures: It’s been a journey

ONUG Cloud Native Security Working Group Blog Series #1: Over the next several quarters, the ONUG Cloud Native Security Working Group will be publishing a set of short articles that examine different aspects of modern application security – new threats, the role of big data and machine learning in addressing those threats, how security interacts with the CI/CD development process, and more. The discussion of how to protect today’s applications begins with understanding how applications are built. And understanding modern application architectures requires us to appreciate…