Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Transcript of Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Page 1: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Zero Trust: A New, More Effective Approach to Security

Ed Higgins, CISSP, CISM, CGEIT

Security and Compliance Specialist

Catapult Systems

November 11, 2017

Increase Your Business Agility By Adopting Zero Trust

Page 2: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

“Legacy, perimeter-centric models of information security are of no use in today’s digital businesses, as they are no longer bounded by the four walls of their corporation.”

~Forrester Research

Page 3: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

The Challenge

Finding qualified security staff

Mapping requirements to solutions

Managing numerous silo security solutions

Data is more mobile than ever

Perimeter Security has Failed to Adapt

Page 4: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Data is More Mobile than Ever

Page 5: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

The Perimeter Model (And Its Fatal Flaw)

Diagram labels: Workstations; The “Jewels” Server

• Hard outer shell (the untrusted zone, the DMZ, the other zones)
• Inner (gooey) center of trusted systems with relaxed firewall rules and implicit trust.
• Trust Thy Neighbor?
• Assume there’s no malware
• Assume there’s no malicious users
• Assume there’s no already compromised users
• No, Thank you!

Page 6: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Mapping Requirements to Solutions

Page 7: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Silos of Security Tools

Page 8: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Staffing Security Experts

Page 9: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Along the Attack Kill Chain: Advanced Persistent Threat

Page 10: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Along the Attack Kill Chain: Low to High Privilege Lateral Movement

Page 11: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Tenets of Zero Trust

1. Access must be earned by all devices every time
2. Ensure all data and resources are accessed securely
3. User and device location should not decrease security
4. Least-Privileged Access and strictly enforced access controls
5. Log everything to an immutable destination

Page 12: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Why a new approach?

Compromised identity is the root of most breaches

Low privileged accounts are exploited to move laterally from device to device, then escalate to high privileges to accomplish mission

Most organizations address North / South threats, but not East / West

Cloud apps, mobile users, laptops, work from home, B2C, and B2B all span the firewall which leads to blind spots and shadow IT

Page 13: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Control Framework

Encryption at rest & transit

Firewall & System Mgmt

Intrusion Detection / Prevention

Logging

Activity Monitoring

Access & Identity Control

Web Servers

Database Servers

Cloud Services

Mobile

On-Prem Users

Remote Users

Partners

Page 14: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Mental Exercise

What would you do differently if every user was always on BYOD mobile?

Page 15: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Advantages of Applied Zero Trust

Makes lateral breach movement harder

Users get a unified experience

Add consistent security controls for all endpoints

Removes complexity of solving for both on-prem and external access

Security is persistent, even if data is shared externally

Removes need for certain complexities such as DMZ and VPN in many scenarios

Enables Digital Transformation by removing security inequity

Say “Yes” More

Page 16: Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

Collin College

North Texas ISSA (Information Systems Security Association)

Thank you

Ed Higgins, CISSP, CISM, CGEIT

Security and Compliance Specialist

Catapult [email protected]