“Trust no one.”
That was one of the taglines for The X-Files, the popular science-fiction television series about FBI agents who investigate a series of bizarre, supernatural cases. It’s also becoming a mantra for modern network security.
Faced with relentless cyber threats and expanding attack vectors, network security pros have begun to embrace a “zero trust” model as an alternative to traditional perimeter-focused protections. This model effectively makes identity the new security perimeter by assuming that every user and device that attempts to access the network is a threat until their identity has been authenticated.
Zero trust is critically important for organizations that adopt AI. AI introduces new threats that traditional security tools can’t handle, and creates massive numbers of AI agents that need authentication. At the same time, AI enhances zero trust by automating detection of sophisticated attacks, enforcing security policies, and providing continuous, real-time validation of every user, device and application.
Why Zero Trust?
Zero trust is a radical departure from conventional practices that use firewalls and other perimeter defenses to protect the private network from the public Internet. These legacy security models are built on the principle of implicit trust, giving users or devices unfettered network access once they’ve been authenticated. That’s no longer effective due to increasing dependence on resources outside the firewall.
Today’s mobile employees commonly use multiple personal devices to reach beyond the old network perimeter to access applications, data and services from multiple data centers and the cloud. This back-and-forth access between public and private networks allows users to be more productive and efficient, but it also opens the door to new cyber threats.
Sophisticated and stealthy threats such as fileless malware and advanced persistent threats (APTs) often piggyback on approved apps to get inside the network. Once inside, they capitalize on the presumption of trust inside the firewall to remain undetected for long periods, moving laterally within the network to gather credentials and other valuable information.
What are the Elements of Zero Trust?
The zero trust model addresses these challenges through the application of three key principles:
- Never Trust, Always Verify. Never assume that any user or device is safe, even if it’s inside the firewall. Users and devices must prove their identity and compliance with security policies each time they try to access a resource.
- Enforce Least Privilege Access. Grant users, devices and applications the minimum level of access needed to perform specific tasks. Giving users only the access they need limits the potential damage from a compromised account or insider threat.
- Assume Breach. Operate under the assumption that a security incident is inevitable or has already occurred. Security strategies should emphasize limiting the impact of a breach instead of focusing solely on preventing attacks.
These principles are implemented using access controls, network segmentation, multifactor authentication and other techniques to create what Gartner analysts call “an identity- and context-based, logical-access boundary.” Within this boundary, applications and network segments are cryptographically hidden from unauthorized users.
How Does AI Enhance Zero Trust?
AI-powered tools can enhance every element of the zero trust model, increasing agility and enabling smarter decisions based on real-time threat intelligence. It provides for the continuous validation and assessment of users and devices and contextual analysis of user behavior. It also enables more adaptive policies that respond to business requirements and the changing threat environment.
With AI, organizations can move to just-in-time access, granting users or devices elevated privileges when needed to perform specific tasks. AI-powered tools can also spot identity threats such as anomalous tokens and illicit consent grants. These techniques are essential to enforce identity as the new perimeter.
Cerium’s security experts understand today’s threats and can help you develop and implement a security strategy based on the zero trust model. Let us help you protect against today’s threats by ensuring that only trusted users and devices can access network resources.
