Zero Trust defense for federal agencies
2023-12-14 22:00:00 Author: securityboulevard.com

In January 2022, the U.S. federal government issued an Executive Order stating that federal agencies must meet specific cybersecurity requirements by the end of fiscal year 2024. The purpose of this order is to protect agencies from advanced and ongoing threat campaigns. These campaigns pose a risk to public safety, privacy, the economy, and trust in government. A key component of this executive order is Zero Trust, which is crucial for protecting federal agencies from evolving cyber attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) issued a Zero Trust Maturity Model. Now in its second version, this model helps federal agencies evolve and operationalize their cybersecurity programs and capabilities in accordance with the 2021 Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity”. The Maturity Model focuses on five distinct pillars:

  • Identity
  • Devices
  • Networks
  • Applications and Workloads
  • Data

Chart showing the foundation of Zero Trust: Identity, Device, Network/Environment, Application Workload, and Data are the five pillars, and Visibility and Analytics, Automation and Orchestration, and Governance form the base.

These pillars are designed to help agencies assess, plan, and maintain the investment that is needed to progress toward a zero trust architecture. However, there is no single cybersecurity solution that can optimally address every pillar. The goal is to find the right combination of solutions that work together. This will ultimately help agencies achieve complete zero trust.

Current state of most agencies:

The Zero Trust Maturity Model establishes a security architecture that challenges the default assumption of trust. In the current landscape of browsing the Commercial Internet, many agencies still rely on antiquated technologies for network security, employing a simplistic ‘Detect’ and ‘Respond’ strategy.

These outdated technologies primarily focus on identifying known malicious content such as JavaScript and files, allowing local web browsers to execute this code on users’ devices. 

However, this approach falls short when users encounter web pages delivering “Unknown” malicious content that escapes detection by these technologies. This practice is not consistent with Zero Trust principles: it involves running internet code in users’ browsers and trusting the Commercial Internet.

Presently, the majority of cybersecurity solutions have limitations, as they solely concentrate on safeguarding against untrusted sources. However, this approach falls short, given the rising number of threats originating from trusted sources. Menlo Security’s threat intelligence team has identified a concerning trend: over 50% of evasive Advanced Persistent Threats (APTs) emanate from categorized (or known good) sites. Furthermore, relying on a ‘Detect’ and ‘Respond’ strategy means that the threat has already infiltrated the network by the time it is addressed.

A more robust and proactive security strategy is needed to effectively address the evolving threat landscape.

Future state: Zero Trust Maturity Model with Browser Security

To ensure comprehensive protection, federal agencies must adopt a stance of trusting nothing on the Commercial Internet. 

Menlo Security’s Browser Security platform provides exactly the approach needed to safely allow users to browse the Commercial Internet. Through a Secure Cloud Browser, Menlo Security enhances the CISA Zero Trust Maturity Model by isolating web browsing activities from the local device, thus reducing the attack surface and potential risks. Here’s how Menlo Security aligns with Zero Trust principles:

Safe Internet Browsing

Instead of executing target website code locally in a web browser, Menlo’s Secure Cloud Browser executes the content, and a safe version is rendered in the user’s browser, ensuring that potentially malicious content or activities are isolated from the local environment.

Risk Reduction

By executing web code in a remote environment, Menlo Security minimizes the impact of potential threats, limiting the exposure of sensitive data and protecting against web-based attacks.

Data Loss Prevention (DLP)

Menlo Security helps prevent data loss by ensuring that sensitive information remains within the isolated browsing environment and doesn’t get downloaded to the local device without proper authorization.

Phishing and Malware Protection

Menlo Security protects against phishing attacks and malware by executing potentially harmful content away from the local device, preventing the execution of malicious code.

Centralized Control and Policy Enforcement

Menlo Security enables centralized control and enforcement over browsing policies, ensuring security policy implementation across all devices and browsing sessions.

Compliance Assurance

Menlo Security contributes to compliance with data protection and privacy regulations by securing web browsing activities and preventing unauthorized access or data exposure.

Adaptive Security Posture

Menlo Security supports an adaptive security posture by dynamically adjusting security controls based on the specific risk context of each web session, aligning with the Zero Trust principle of continuous evaluation.

Threat Intelligence Integration

Menlo Security can incorporate threat intelligence feeds to enhance its ability to detect and block access to websites known for hosting malicious content, further strengthening security measures.

The most trusted name in Browser Security

By implementing Menlo’s Browser Security, organizations enhance their overall security posture, aligning with the Zero Trust model’s core tenets of verifying and validating every access attempt while reducing the potential impact of security incidents.

Menlo Security helps agencies achieve optimal status for the Network and Device pillars of the Zero Trust Maturity Model. Because the user is isolated from the internet, all known and unknown web-borne threats are prevented from ever reaching the endpoint or the network.

Menlo Security, the largest provider of Browser Security to the federal government, will enhance and augment an agency’s existing security stack by allowing safe access to the internet. Menlo Security:

  • Opens the internet, enabling users to safely access links and attached files without fear of malware or ransomware.
  • Provides unmatched scalability for any device, anywhere in the world, and on any browser. Never sacrifice performance for security. 
  • Removes the internet as a threat vector, greatly reducing the number of alerts the SOC team needs to work through.

Transition from outdated detection and remediation practices to a proactive prevention approach against all internet-borne threats. Embrace this shift to achieve Zero Trust compliance for your agency’s cybersecurity posture.

*** This is a Security Bloggers Network syndicated blog from Menlo Security authored by Darrin Curtis. Read the original post at: https://www.menlosecurity.com/blog/zero-trust-defense-for-federal-agencies/


Article source: https://securityboulevard.com/2023/12/zero-trust-defense-for-federal-agencies/