‘Doctor Zero Trust’ shares advice for modern cybersecurity programs
In Forcepoint’s latest To the Point Cybersecurity podcast episode, Chase Cunningham (aka Dr. Zero Trust), Principle Analyst at Forrester Research, joined as a guest to offer his advice and outlook on the market trends around Zero Trust, as well as what to look for in vendors and where to focus your security efforts. Here are some highlights from the conversation.
“We’ve been doing it wrong for 30+ years, we are just now starting to do it right”
We all know the traditional perimeter security approach is not working, yet many organizations are slow to change. Dr. Cunningham warned that if security organizations don’t adapt, they will continue to see security failure. He shared that as organizations move to the cloud, if they transform correctly it will make security easier, but he cautioned that if organizations stick to the same old approach they will fail.
He also warned organizations that dragging their feet on adapting to a cloud-based world may prove costly, as buyers are increasingly looking for companies with a viable security strategy in place. He described a market where organizations are drifting away from just “crossing their fingers” and hoping they don’t wind up with a mega breach. If you’re doing security correctly, he noted, buyers will take notice and leverage your services.
“Data is the core component of security”
Dr. Cunningham explained why data is at the center of the Zero Trust model. He used the analogy that no one breaks into a bank to say they made it inside; they break in for the money. Data is the currency for a security organization and those of us in security are dedicated primarily to securing the data. He shared that organizations often don’t understand the value of data. “It is really important to make sure you understand across the entire lifecycle of Zero Trust that data is why you are doing what you are doing,” he noted. “And if a solution doesn’t enable you to do better data security via segmentation or isolation or authentication or any one of those, then it is not a solution that actually meets the need for Zero Trust.” With this in mind, he suggested he would never advise anyone go off and do data discovery, classification, and schema -- because in the real world a single user can create data so fast and so quickly that it negates that whole approach.
The new side of Zero Trust takes a different approach with a focus on the users
Dr. Cunningham made it clear that he does not believe humans are the weakest link, and suggested architecture is the actual weakest link when it comes to security. However, he emphasized that humans are responsible for causing the architecture to topple over when there are weaknesses present. He suggested training alone will not solve the problem, but if your architecture is built correctly, people shouldn’t cause a massive problem.
Ultimately, paying attention to who uses the data and what they do with it is what matters. He noted: “The difference is being made by finding out what the users are doing and how they are accessing that data and securing it based on that approach.” A perimeter approach grants access based on implicit assumption of trust. A Zero Trust approach is to eliminate lateral movement and overly prescribed admin credentials to get to zero, then architect around that. With this approach, capabilities are limited to what is needed, therefore if a breach happens the problem is localized and the size and scope of the breach will be less devastating.
Listen here to the full podcast for more advice from Dr. Cunningham on market trends around Zero Trust and practical advice on selecting vendors.
Follow “Dr. Zero Trust” on YouTube where Chase provides real world videos on Zero Trust.
Subscribe here to listen to more episodes of Forcepoint’s “To the Point Cybersecurity” podcast.
