How to Balance the Zero Trust Journey with the Speed of the Mission

January 25, 2023

In November of 2022, the Defense Department officially launched a cyber strategy based on Zero Trust. This move comes after President Biden’s Executive Order on Improving the Nation’s Cybersecurity in which Zero Trust architecture is noted as one of the best practices in cybersecurity.

 

Most federal agencies are currently well-positioned to accelerate their cybersecurity efforts because of investments in digital transformation, which include rebuilding and improving their security approach. With that in mind, where does that leave other critical infrastructures that need to adopt the same tactics with smaller budgets and fewer resources? The truth of the matter is that many organizations in the financial, healthcare and education sectors are feeling more pressure to speed up their Zero Trust journeys. In fact, the federal Zero Trust architecture strategy outlines aggressive Zero Trust implementation deadlines into 2024.

 

Implementing a Zero Trust roadmap is a great way for users to protect themselves from digital threats. Securely protecting government networks, infrastructure and data is best done when tailored to your specific needs.

 

Below is an introduction to the concept of Zero Trust and considerations for IT leaders.

 

 

Zero Trust: A Complete Reevaluation of Security

Zero Trust is a strategic approach to cybersecurity, not a single product. It secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. By adopting Zero Trust principles and architecture, organizations can build resilience into their IT networks and environments, simplify risk management and improve operational efficiency.

 

Applying a consistent, robust policy that secures users and data wherever they reside ensures overall safety, from our digital society to our critical infrastructures. For any organization to strengthen the protection of its most critical assets, it must accept the reality that a compromise or breach is a matter not of if, but of when. It must focus on limiting the impact of that risk.

 

Zero Trust isn’t a “flip-the-switch” effort to enhance cybersecurity. It takes time, and it’s an ongoing journey. The good news is that your agency can start implementing the Zero Trust process anywhere, and you can use existing tools and capabilities to establish a starting line.

 

 

Where to Start Your Multi-Year Zero Trust Journey

 

Redefine Your “Perimeter”
As an organization adopts additional and more diverse cloud and mobile technologies, the defined “perimeter” that is core to a traditional, perimeter-based, defense-in-depth strategy evaporates. Instead, the organization is left with a collection of many smaller surfaces to protect.

 

By extending current firewall policies to the edge to support cloud and mobile users, organizations can migrate to a new Zero Trust architecture more seamlessly.

 

Assess Your Current Environment
A Zero Trust maturity assessment will help you understand the current state of your security and determine which key areas you should tackle first. By conducting an audit of the tools and capabilities that your agency has now, then optimizing those products and solutions, you can jump start your Zero Trust journey. Broad visibility is a must for implementing a Zero Trust strategy and best practices.

 

 

How to Be Stable During Your Transition to Zero Trust

 

Readiness Assessment
Having a clear roadmap for the Zero Trust journey and a maturity model to measure progress is vital to help ensure leadership support. By leveraging the technical acumen of a combined Optiv and Palo Alto Networks team, we can help agencies create both through a Zero Trust Readiness Assessment. This assessment provides discovery and asset identification, Zero Trust implementation, process improvement and more.

 

A readiness assessment can help condense the timeline of your agency’s move to Zero Trust and provide several benefits:

 

  • Assess and recommend
  • Remediate and build
  • Transformation execution

 

Three Pillars of Zero Trust
Clients are often concerned about disrupting their speed, performance and mission assurance as they deploy Zero Trust. Separating the journey into three areas can help to control the scope and impact of the journey:

 

  • Users
  • Applications
  • Infrastructure

 

Palo Alto Networks refers to these areas as the three “pillars” of a Zero Trust model. The figure below outlines the actions that must be taken with these pillars: establishing identity using the strongest authentication possible, verifying the device and workload, securing access and securing all transactions.

 

[Image: january panw_img1.jpg]

 

 

Automation as a Zero Trust Accelerator

Zero Trust is a methodology, but it needs to be supported by the right tools, including those for orchestration and automation. When the administrative burden of a Zero Trust strategy becomes too great, it runs counter to the original goal of simplifying security. To minimize the impact of that strategy, including on mission timelines and performance, look to automate and orchestrate tasks. Palo Alto Networks’ Cortex XSOAR, a security orchestration, automation and response platform, can help. Optiv uses it in our own internal execution of Zero Trust.

 

To speed up and amplify your agency’s Zero Trust journey, you can formulate your strategy in parallel with your overall efforts to transform digitally. This includes network transformation, data center and cloud migration, as well as SecOps transformation, so you can modernize and rebuild IT while meeting Zero Trust objectives.

 

 

Why Work with Optiv and Palo Alto Networks on Zero Trust?

Optiv is a cyber advisor and solutions leader. Clients of Palo Alto Networks come to Optiv to solve their most complex problems. They rely on our agility and mission-specific technical expertise to bring together unique teams of subject matter experts who partner with them in the design, development and implementation of powerful solutions.

 

Palo Alto Networks provides a platform approach to security that enables the consistent application of security posture wherever a user, data, application, asset or service resides. Optiv delivers strategic and technical expertise to advise, deploy and operate complete cybersecurity programs.

 

Together, Optiv and Palo Alto Networks can equip your critical infrastructure organization with the insight it needs to deploy Zero Trust intelligently while optimizing for speed, performance and mission assurance to transform how your users securely access the cloud.

Adam Boucher
Principal Security Architect, Public Sector | Palo Alto Networks
Adam Boucher is the Principal Architect for the Public Sector Capture team at Palo Alto Networks. In this role, Adam uses his 20 years of network and security engineering experience to support our Federal partners, helping them design and build innovative and secure solutions for their customers.
