“We control our own networks,” declared Adrian Sanabria, VP of Product Strategy and Marketing at NopSec, during Black Hat 2018. While you could read this as a “duh,” Sanabria’s point is a salient one; for far too long the security community has allowed attackers to gain the upper hand in manipulating our organizations' networks. With this statement Sanabria certainly wasn’t implying that wresting back the advantage is easy. He did, however, point out that there are ways defenders can effect better security for the effort they’re expending.
Zero trust is one of those strategies. For one thing, said Sanabria, “Zero trust is becoming important because most of our [previous] efforts to segment networks and apply least privilege to networks and access controls to devices on our network have mostly failed” due to the complexity of past approaches and difficulty of using legacy tools. Zero trust, he said, gives security teams the flexibility and capacity to be more dynamic, a mandatory requirement in today’s attack-driven landscape. Through zero trust, microsegmentation and least privilege access (among other controls) are no longer sources of friction between security and other teams.
Whatever strategy or tactics you decide to use to secure your networks, Sanabria said it’s best to take a scenario-based approach, to look at what’s happening in your industry and with peers, or even just to imagine the worst-case situation. From there, the real work of gaining visibility begins: Security must understand how networked systems talk to one another, how data flows through those systems, how many assets are involved... To hear more of Sanabria’s guidance, take a quick listen to his interview, below.