Intelligent CISO Issue 57 - Page 50

The Zero Trust model is a strategy for preventing network security threats that all enterprises and governments should be using to defend their networks .
FEATURE

The Zero Trust model is a strategy for preventing network security threats that all enterprises and governments should be using to defend their networks .

limits the impact of overly broad user privileges and access . The goal is to allow only as much network access to services as is needed to get the job done . Anything beyond the minimum is a potential threat .
• Instrumentation : The ability to monitor network traffic in-depth along with comprehensive analytics and response automation provides fast and effective incident detection .
• Multi-vendor network integration : Real networks aren ’ t limited to a single vendor . Even if they could be , additional tools are still needed to provide the features that a single vendor won ’ t provide . The goal is to get all of the multivendor network components working together as seamlessly as possible to enable compliance and unified cybersecurity . This is a very difficult and complex project but keeping this strategic goal in mind as the network evolves will create a far more effective cybersecurity posture .
• Monitoring : Ensure comprehensive and centralised visibility into users , devices , data , the network and workflows . This also includes visibility into all encrypted channels .
At its core , the Zero Trust model is based on not trusting anyone or anything on the company . This means that network access is never granted without the network knowing exactly who or what is gaining access .
4 . Establish and test Disaster Recovery plans
A key part of a Disaster Recovery plan involves backups . However , it is surprising how often restoring from backup systems in real-world situations doesn ’ t perform as expected . It ’ s important to know which digital assets are and are not included in backups and how long it will take to restore content .
CSOs should plan the order in which backed-up resources will be recovered , know what the start-up window will be and test backups as a routine task with specific validation checks to ensure that a recovery is possible .
Staying secure
The CSO ’ s job isn ’ t getting any easier , but solid planning using the four strategies will help ensure an organisation ’ s digital safety . In addition , partnering with toplevel enterprise cybersecurity vendors will ensure that critical security technology and best practices are central to the organisation ’ s cybersecurity strategy . u
50 www . intelligentciso . com