In the fluid cybersecurity landscape, the focus has shifted from fortifying network perimeters to acknowledging the critical role of identity and user authentication.
By Michael de Neuilly Rice, cybersecurity architect at NEC XON
Threat actors no longer exploit vulnerabilities; they log in using legitimate credentials. This paradigm shift calls for innovative security approaches. One approach gaining prominence is Identity-Centric Zero Trust.
The Dark Web and the Accessibility of Cybercrime
The rise of a flourishing black market on the Dark Web has democratised cybercrime, making it accessible to a broader spectrum of individuals. Cybercrime-as-a-Service organisations coupled with user-friendly tools have lowered the barrier of entry, allowing anyone with compromised identities to become a successful hacker.
Zero Trust Principles
Microsoft’s “Evolving Zero Trust” white paper defines core principles for a successful Zero Trust strategy:
* Verify Explicitly: Make security decisions using all available data points, including identity, location, device health, resource, data classification, and anomalies.
* Use Least Privilege Access: Limit access with just-in-time and just-enough-access (JIT/JEA) and risk-based adaptive policies.
* Assume Breach: Minimise blast radius with micro-segmentation, end-to-end encryption, continuous monitoring, and automated threat detection and response.
Identity-Centric Zero Trust and ZTA
Identity-Centric Zero Trust builds upon Zero Trust principles, making user identity the new perimeter. Strict controls and continuous authentication mechanisms ensure that only authorised entities gain access to sensitive resources.
* Adaptive Authentication – Behavioural Analysis: Implement advanced authentication methods that analyse user behaviour to detect anomalies, ensuring access is granted only to legitimate users.
* Multi-Factor Authentication (MFA) – enhanced security layers: Integrate MFA protocols, focusing on passwordless and phishing-resistant methods like Windows Hello for Business and FIDO2 keys. Extending MFA to all sections of the organisation is vital to sustain the identity-centric approach.
* Policy-Based Access Control – Dynamic Policies: Implement granular access control policies adapting based on contextual factors, such as user location, device health, compliance, and time of access.
* ITDR (Identity Threat Detection & Response): ITDR aims to reduce the time it takes to identify and respond to threats by combining information from all identity sources. Automated attack disruption stops identity attacks and lateral movement activities using compromised credentials, delivering consistent protection for human and non-human identities.
The Future of the Modern Perimeter
As organisations embrace cloud-based services, remote work, and diverse devices, the traditional network perimeter becomes obsolete. Identity-Centric Zero Trust, fortified by Zero Trust Architecture, represents the future of cybersecurity.
By placing identity at the forefront, organisations can adapt to the dynamic nature of modern business environments, proactively protecting assets and maintaining data integrity.
In a digital landscape characterised by complexity and rapid evolution, Identity-Centric Zero Trust stands as a beacon guiding organisations towards a secure and adaptive future.