Zero Trust Cyber Security Model


Learning Outcomes
Having completed this module, you will be able to:

• Analyze the differences associated with perimeter-based security measures in organizations.
• Assess how cybersecurity dynamics have changed recently.
• Describe different variations and scenarios concerned with Zero Trust deployment.
• Identify workplace policies that jeopardize the IT security framework of an organization.
• Recognize the importance of real-time visibility in the Zero Trust framework.
• Paraphrase the core principles, basic beliefs, and core pillars of the Zero Trust framework.
• Discuss why the Zero Trust model must be implemented as a cybersecurity framework.
• Relate the NIST 800-207 standard with the establishment of a Zero Trust network.
• Contrast between Zero Trust and the Zero Trust architecture.
• Indicate how the Zero Trust model can be exploited with insider attacks.

Understanding Perimeter Security


Perimeter security solutions have been used by organizations to protect their frameworks from intrusion
and unauthorized access. Perimeter security involves a lot of techniques and tools, such as:

• Security management.
• Access control.
• Buried sensors.
• Video analytics.
• Face sensors.

Apart from these measures, several physical security measures, such as barriers, lighting, gates, and fences,
are also deployed to protect assets. Regarding cybersecurity measures, organizations implement Intrusion
Prevention Systems and firewalls to protect against malicious activities. But lately, the IT environment's
increased complexities and rapidly changing dynamics are rendering perimeter security measures weak.

Changed Security Dynamics in Cybersecurity

As we all know, the COVID-19 pandemic has greatly changed the dynamics of every department of life.
Work practices were also greatly influenced by the pandemic, and there were times when almost everyone
was forced to work from home. This situation meant that employees had to access their
organization's IT frameworks from unauthorized locations and devices, including their own personal
devices.

Using such unsecured locations and devices made the companies' networks more vulnerable with every
passing day. This situation led most of them to use a Virtual Private Network (VPN). While VPNs did
provide them with an encrypted communication channel, they still have their own caveats.

What could be the Problem with VPNs?


Suppose an individual with malicious intent already had access to a company's network. Deploying a VPN
in such a case can make things worse by hiding the information with which the company can differentiate
between legitimate and illegitimate access. Thus, one can establish that VPNs are not a foolproof
solution for implementing a robust cybersecurity framework.

With solutions like VPN being ineffective, it is important to learn about more robust frameworks and
cybersecurity solutions, such as Zero Trust.

Abbreviations within the Zero Trust Framework


1) CDM - Continuous Diagnostics and Mitigation: They collect information on a
system's current state.
2) CGM - Comprehensive Governance Model.
3) CSA - Cloud Security Services.
4) FCAPS - Fault, Configuration, Accounting, Performance, and Security.
5) FICAM - Federal Identity, Credential, and Access Management.
6) FISMA - Federal Information Security Management Act.
7) HWAM - Hardware Asset Management.
8) HVA - High-Value Assets.
9) ICS - Industry Compliance System - They ensure organizations' compliance
with regulations, such as FISMA.
10) MFA - Multi-Factor Authentication (2FA, 3FA, etc.)
11) NCPS - National Cybersecurity Protection System.
12) NPE - Non-Person Entities.
13) NIST - National Institute of Standards and Technology.
14) PA - Policy Administrator: This component establishes a connection between a
client and a resource.
15) PE - Policy Engine: It makes the ultimate decision about granting access to
a resource for a given client.
16) PDP - Policy Decision Point.
17) PEP - Policy Enforcement Point: It enables, monitors, and terminates
connections between subject and enterprise resources.
18) RMF - NIST Risk Management Framework.
19) SDP - Software Defined Perimeter.

20) SIEM - Security Incident and Event Monitoring - It is a centralized log
allowing analysis and alerts.
30) SWAM - Software Asset Management.
31) A - Trust Algorithm.
32) TIC - Industry Compliance System.
33) VUCA - Volatility, uncertainty, complexity, and ambiguity.
34) ZTA - Zero Trust Architecture (or Zero Trust Network Architecture.)
35) ZTE - Zero Trust Ecosystem.
36) ZTN - Zero Trust Network.

Scenarios Concerning Zero Trust Deployment


Zero Trust implementation takes place in different scenarios:

Gateway-Based Deployment

It is a situation where the organization manages all the devices and
infrastructure. The PEP is used to orchestrate connections between the
resources. Gateway-based deployment is incompatible with a Bring Your Own
Device (BYOD) policy.

Micro-Perimeter-Based Deployment

It is a micro-segmentation approach, with controls being placed in small perimeters. This
deployment method covers legacy systems without offering PEP integration. The problem
with micro perimeter-based deployment is that it allows lateral movement within the
perimeter in case a resource gets corrupted. By combining this approach with gateway-based
deployment, lateral movement can be restricted. However, systems having access to legacy
systems can still have lateral movement. Also, this model allows clients to see resources that
they are not supposed to see.
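
The lateral-movement argument above, as an added example that is not part of the original module: a small reachability model comparing what a corrupted resource can reach under micro-perimeter controls alone and when combined with gateway-based PEPs. The inventory, the `ALLOWED` policy pairs and the `gateway_mode` flag are all constructed assumptions.

```python
from collections import deque

# Constructed inventory: name -> (micro-perimeter, fronted_by_pep).
# Legacy systems cannot integrate a PEP, so the flag is False for them.
RESOURCES = {
    "web-01":    ("dmz", True),
    "api-01":    ("app", True),
    "api-02":    ("app", True),
    "legacy-db": ("app", False),
    "hr-app":    ("hr",  True),
}
# Constructed policy: (source, target) pairs the policy engine would permit.
ALLOWED = {("web-01", "api-01"), ("api-01", "legacy-db")}


def can_connect(src, dst, gateway_mode):
    """Return True if src can open a connection to dst."""
    src_seg, _ = RESOURCES[src]
    dst_seg, dst_pep = RESOURCES[dst]
    if src_seg == dst_seg and not (gateway_mode and dst_pep):
        # Same perimeter and no PEP in front of the target: nothing mediates.
        return True
    # Crossing a perimeter, or a PEP fronts the target: policy must allow it.
    return (src, dst) in ALLOWED


def blast_radius(start, gateway_mode):
    """Resources reachable from a corrupted resource through lateral movement."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in RESOURCES:
            if nxt not in seen and can_connect(cur, nxt, gateway_mode):
                seen.add(nxt)
                queue.append(nxt)
    return sorted(seen - {start})


if __name__ == "__main__":
    for mode in (False, True):
        label = "micro-perimeter + gateway" if mode else "micro-perimeter only"
        print(f"{label}: api-02 corrupted -> {blast_radius('api-02', mode)}")
```

With the gateway PEPs in place the reach from `api-02` shrinks to the legacy system only, which is the residual lateral movement the paragraph describes.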

Resource Portal-Based Deployment

This approach does not need the client devices to be controlled by the
organization. In this approach, the controls are applied at a gateway level
where PEP ensures compliance with requirements and restrictions. Resource
Portal-Based deployment is usually associated with BYOD, because the client
device is not directly controlled by the organization.
