Zero trust further considered - another benefit of living in the times of AI
Recent social distancing and sheltering-in-place regulations have, according to Gallup, resulted in a 57 percent increase in our remote workforce. These additional employees working from home portend a variety of workflow disruptions, including more opportunities for attackers to exploit vulnerabilities in home networks and devices as a means of gaining access to corporate systems and data. In a hasty transition to working remotely, it is possible that essential security practices are being overlooked, leaving critical doors ajar through which malicious actors may enter.
The situation is complicated by the fact that traditional security best practices can be especially cumbersome, requiring users to spend hours reentering usernames and passwords and answering countless authentication questions. While most now acknowledge that a proper security posture is critical, the path to securing the remote workforce should also be seamless, experienced as a hassle-free balance between safety and a quality user experience. It is pivotal to implement appropriate security practices, as inadequate measures can lead to unmanaged risks and the endangerment of corporate systems, data and employees.
Historically, organizations and employees have had to rely solely on username and password combinations – a process intended to ensure user trust. The harsh reality is that there are glaring deficiencies with the username/password combination paradigm. Even with the strongest password and multi-factor authentication (MFA) combinations in place, once an attacker has access to a user’s credentials, security defenses are essentially null and void.
What has been even more troublesome is the heavy dependence enterprise software systems have had on thousands of third-party elements, the security of which has been almost impossible to determine. A collateral challenge has been determining the probability that an attack will exploit a software vulnerability, install malware within enterprise systems and thereby facilitate the theft of user access credentials.
Organizations are deploying defense-in-depth, including MFA, firewall policies and encryption, to no avail. Despite all this expense-in-depth, cyberattacks on enterprise data are still occurring at alarming rates. This is where Zero Trust comes into play. Enterprise trust has become a business problem, on top of an already taxing data security problem. Zero Trust systems support our aspirations to achieve minimal or zero touch strategies and relieve organizations from having to make the Sophie’s Choice between security and high-quality user experience.
Given the anemic performance of the past, Zero Trust arrives as a breath of fresh air, carrying with it no small confidence of finally being able to execute a proper security posture, one that turns on its head any notion that users, devices and applications interacting with the enterprise network should automatically be trusted. Its implementation requires that all communications and interactions be relentlessly validated through continuous authentication.
Continuous authentication provides an ongoing risk measurement of all interactions at every point; it’s not a one-time vetting action or an individual MFA, but rather a constant, active process that takes all potential factors into account in a manner that ultimately only AI can support. This includes the consideration of user context and biometrics, continuously analyzing risk probability. In historical terms, Zero Trust by comparison is neither intrusive nor disruptive to everyday users. It is only when an anomaly is detected that a user is asked to provide another authentication factor.
Zero Trust analyzes contextual and spatial data in real-time to create a simpler user experience, all while validating behavioral and locational circumstances. The resulting product is a risk score that informs policies for smart security and compliance postures. With risk scores in hand, organizations can determine the appropriate level of access that should be granted to devices, users and applications.
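The per-request risk scoring and step-up behavior described above can be sketched as follows. This is an added example, not code from the article: the signals, weights, thresholds and Event fields are assumptions chosen for illustration, and a plain weighted sum stands in for the AI models the article refers to.

```python
import math
from collections import namedtuple

# Weights, thresholds and field names are illustrative assumptions, not from the article.
WEIGHTS = {"new_device": 0.35, "unmanaged": 0.25, "odd_hour": 0.15, "impossible_travel": 0.5}
STEP_UP, DENY = 0.3, 0.7   # risk >= STEP_UP asks for another factor; risk >= DENY blocks
MAX_KMH = 900.0            # implied travel speed above this counts as impossible travel
# ts: seconds since first event; managed: enrolled in device management; hour: user's home-zone hour
Event = namedtuple("Event", "ts device_id lat lon managed hour")

def km_between(a, b):
    """Great-circle (haversine) distance between two events, in km."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlat, dlon = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def score(event, prev, known_devices, work_hours=range(7, 20)):
    """Return (risk in [0, 1], signals that fired) for a single request."""
    signals = []
    if event.device_id not in known_devices:
        signals.append("new_device")
    if not event.managed:
        signals.append("unmanaged")
    if event.hour not in work_hours:
        signals.append("odd_hour")
    if prev is not None:
        hours = max((event.ts - prev.ts) / 3600.0, 1e-6)  # guard against zero elapsed time
        if km_between(prev, event) / hours > MAX_KMH:
            signals.append("impossible_travel")
    return min(1.0, sum(WEIGHTS[s] for s in signals)), signals

def evaluate_session(events, known_devices):
    """Re-score every request in order; return one decision per event."""
    decisions, prev = [], None
    for e in events:
        risk, _ = score(e, prev, known_devices)
        decisions.append("deny" if risk >= DENY else "step_up" if risk >= STEP_UP else "allow")
        if decisions[-1] != "deny":
            prev = e  # a denied request must not become the new location baseline
    return decisions

# Constructed sample session: Boston laptop, a Berlin request 30 minutes later, then a new laptop.
SAMPLE = [
    Event(0, "laptop-1", 42.36, -71.06, True, 10),
    Event(46800, "laptop-1", 42.36, -71.06, True, 23),
    Event(48600, "phone-9", 52.52, 13.40, False, 23),
    Event(49200, "laptop-2", 42.36, -71.06, True, 23),
]
```

Calling evaluate_session(SAMPLE, {"laptop-1"}) leaves the low-risk requests untouched, blocks the Berlin request, and asks for another factor only on the unrecognized laptop.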
Zero Trust’s ultimate goal is to enable users to work remotely – from home or anywhere else – and to engage effortlessly across systems, devices and data throughout the course of any given workday without compromising their organization’s security – or their own for that matter – becoming yet another benefit of living in the times of liberating AI and its associated math models.