What Is Zero Trust?
07/06/2022
So, What Is Zero Trust? Zero trust is a cybersecurity strategy for verifying every user, device, application and transaction in the belief that no user or process should be trusted.
That definition comes from the NSTAC report, a 56-page document on zero trust compiled in 2021 by the U.S. National Security Telecommunications Advisory Committee, a group that included dozens of security experts led by a former AT&T CEO.
In an interview, John Kindervag, the former Forrester Research analyst who created the term, noted that he defines it this way in his Zero Trust Dictionary: Zero trust is a strategic initiative that helps prevent data breaches by eliminating digital trust in a way that can be deployed using off-the-shelf technologies that will improve over time.
What Are the Basic Tenets of Zero Trust? In his 2010 report that coined the term, Kindervag laid out three basic tenets of zero trust. Because all network traffic should be untrusted, he said users must:
verify and secure all resources,
limit and strictly enforce access control, and
inspect and log all network traffic.
That's why zero trust is sometimes known by the motto, Never Trust, Always Verify.
How Do You Implement Zero Trust? As the definitions suggest, zero trust is not a single technique or product, but a set of principles for a modern security policy.
In its seminal 2020 report, the U.S. National Institute for Standards and Technology (NIST) detailed guidelines for implementing zero trust.
Its general approach is described in the chart above. It uses a security information and event management (SIEM) system to collect data and continuous diagnostics and mitigation (CDM) to analyze it and respond to insights and events it uncovers.
It's an example of a security plan also called a zero trust architecture (ZTA) that creates a more secure network called a zero trust environment.
But one size doesn't fit all in zero trust. There's no single deployment plan for ZTA [because each] enterprise will have unique use cases and data assets, the NIST report said.
Five Steps to Zero Trust The job of deploying zero trust can be boiled down to five main steps.
It starts by defining a so-called protect surface, what users want to secure. A protect surface can span systems inside a company's offices, the cloud and the edge.
From there, users create a map of the transactions that typically flow across their networks and a zero trust architecture to protect them. Then they establish security policies for the network.
Finally, they monitor network traffic to make sure transactions stay within the policies.
Both the NSTAC report (above) and Kindervag suggest these same steps to create a zero trust environment.
It's important to note that zero trust is a journey not a destination. Consultants and government agencies recommend users adopt a zero trust maturity model to document an organization's security improvements over time.
The Cybersecurity Infrastructure Security Agency, part of the U.S. Department of Homeland Security, described one such model (see chart below) in a 2021 document.
In practice, users in zero trust environments request access to each protected resource separately. They typically use multi-factor authentication (MFA) such as providing a password on a computer, then a code sent to a smartphone.
The NIST report lists ingredients for an algorithm (below) that determines whether or not a user gets access to a resource.
Ideally, a trust algorithm should be contextual, but this may not always be possible, given a company's resources, it said.
Some argue the quest for an algorithm to measure trustworthiness is counter to the philosophy of zero trust. Others note that machine learning has much to offer here, capturing context across many events on a network to help make sound decisions on access.
The Big Bang of Zero Trust In May 2021, President Joe Biden released an executive order mandating zero trust for the government's computing systems.
The order gave federal agencies 60 days to adopt zero trust architectures based on the NIST recommendations. It also called for a playbook on dealing with security breaches, a safety board to review major incidents - even a program to establish cybersecurity warning labels for some consumer products.
It was a big bang moment for zero trust that's still echoing around the globe.
The likely effect this had on advancing zero trust conversations within boardrooms and among information security teams cannot be overstated, the NSTAC report said.
What's the History of Zero Trust? Around 2003, ideas that led to zero trust started bubbling up inside the U.S. Department of Defense, leading to a 2007 report. About the same time, an informal group of industry security experts called the Jericho Forum coined the term de-perimeterisation.
Kindervag crystalized the concept and gave it a name in his bombshell September 2010 report.
The industry's focus on building a moat around organizations with firewalls and intrusion detection systems was wrongheaded, he argued. Bad actors and inscrutable data packets were already inside organizations, threats that demanded a radically new approach.
Security Goes Beyond Firewalls From his early days installing firewalls, I realized our trust model was a problem, he said in an interview. We took a human concept into the digital world, and it was just silly.
At Forrester, he was tasked with finding out why cybersecurity wasn't working. In 2008, he started using the term zero trust in talks describing his research.
After
Most recent headlines
04/08/2024
Dalet Appoints Santiago Solanas as CEO to Lead Next Era of Growth and Innovation
Dalet, a leading technology and service provider for media-rich organizations, is excited to announce Santiago Solanas as its new Chief Executive Officer (CEO)....
03/06/2024
Dalet and Veritone Reach Agreement to Distribute, Transact and Monetize Media Archives
Dalet, a leading technology and service provider for media-rich organizations, a...
28/04/2024
Mediahaus delivers the first SRT live-streaming sports production over 5G with URSA Broadcast G2
Mediahaus delivers the first SRT live-streaming sports production over 5G with U...
27/04/2024
L3Harris Chair and CEO Christopher E. Kubasik Discusses 1Q24 On CNBC's "Closing Bell: Overtime"
On April 26, L3Harris Chair and CEO Christopher E. Kubasik joined CNBC's Mor...
27/04/2024
Audinate Adds Major New Features to Dante Connect
PORTLAND, Oregon Audinate Group Limited, the developer of the Dante AV-over-IP solution, announced significant new additions to Dante Connect, its cloud-based D...
27/04/2024
Bell Media Launches New Portfolio of FAST Channels
TORONTO Bell Media has launched 10 English and French-language FAST channels featuring entertainment, factual, news, and sports programming. The new free stream...
27/04/2024
Study: Broadcast TV Evening News Avoids Serious Economic Issues
An extensive new analysis of the news segments in the broadcast evening news programs of ABC, CBS, NBC and PBS has found that broadcasters devoted most of their...
27/04/2024
Hughes Opens Manufacturing Facility and Private 5G Incubation Center in Maryland
GERMANTOWN, Md. EchoStar's Hughes Network Systems has opened a new manufacturing facility and private 5G incubation center in Germantown, Maryland....
27/04/2024
Broadcasting Legend Harry Pappas Dead At 78
Harry Pappas, one of three brothers who founded Pappas Telecasting Companies in 1971, died April 24. He was 78 years old....
27/04/2024
Televisa Selects Synamedia For Broadcast Distribution Overhaul
ATLANTA and LONDON Mexican telecommunications and broadcast company Televisa has selected Synamedia for an overhaul of its broadcast distribution....
27/04/2024
Participate in the Survey - The Impact of AI on Media and the Creative Industry
Participate in the Survey - The Impact of AI on Media and the Creative Industry Pascal Wagner April 26, 2024 0 Comments By participating in this surve...
27/04/2024
SDVI Rally Access Workstation Earns Two Top Awards at 2024 NAB Show
SDVI Rally Access Workstation Earns Two Top Awards at 2024 NAB Show Brie Clayton April 26, 2024 0 Comments SDVI, the leading platform provider for clo...
27/04/2024
Berklee's Music and Health Institute Launches Community Health Musician Certificate
Berklee's Music and Health Institute Launches Community Health Musician Cert...
27/04/2024
Charter Reports Higher Q1 Profits Despite Broadband, Video Losses
Charter Communications reported higher first-quarter profits despite continued cord-cutting and competition for broadband customers....
27/04/2024
Environmental Groups Aim To Make Unscripted TV More Sustainable
Two environmentally-focused groups are partnering to engage the unscripted TV world in finding better ways to address climate change. Reality of Change is an ec...
27/04/2024
Sarah Garcia Named Weekend Anchor at Telemundo 40 in Texas
Sarah Garcia has been promoted to weekend anchor at KTLM McAllen, Texas, known as Telemundo 40. Starting April 27, she will anchor Noticias Telemundo 40 weekend...
27/04/2024
CBS Sports Kicks Off FAST Channel for UEFA Champions League on Pluto TV
CBS Sports said it launched a new 24-hour free, ad supported streaming television (FAST) channel devoted to the UEFA Champions League....
27/04/2024
Brian Roberts's Pay Rose To $35 Million at Comcast
Comcast chairman and CEO Brian Roberts received $35.4 million in compensation in 2023, up 11% from the previous year, according to a proxy statement filed by th...
27/04/2024
John Lithgow Goes Back to School in Art Happens Here'
Art Happens Here With John Lithgow, which sees the actor study dance, ceramics, silk-screen printing and vocal jazz with students in Los Angeles, debuts on PBS ...
27/04/2024
FETV Wants Upfront Buyers Seeking Cable Viewers To Join Its Family
Remember Leave It to Beaver? Bewitched? Dragnet? When cable ratings were rising?...
27/04/2024
Catchy Comedy Features Gomer Pyle, USMC' Weekend Marathon
Next up for the weekend binge at Catchy Comedy is Gomer Pyle, U.S.M.C. Every weekend, Catchy Comedy features The Catchy Binge, a marathon of a classic sitcom....
26/04/2024
Sundance Film Festival CDMX 2024 kicks off today at Cinpolis
Sundance Film Festival CDMX 2024 kicks-off today with screenings in 5 theaters in Mexico City and the opening-night film, FRIDA, directed by Carla Guti rrez...
26/04/2024
Interview: Lourdes Portillo, Director of Las madres de la Plaza de Mayo, La Ofrenda
[Editor's Note: This interview is part of a larger feature about the women d...
26/04/2024
Career insights instead of everyday school life
Once again this year, SGL Carbon opened its doors to interested children and young people. On the occasion of the German Girls and Boys Day, which took place on...
26/04/2024
L3Harris Technologies Reports Strong First Quarter 2024 Results, Increases 2024 Profitability Guidance
Orders1 of $5.5 billion; book-to-bill of 1.06x Revenue of $5.2 billion, up 17%,...
26/04/2024
What Makes A Network Resilient?
Five Considerations For Communications Modernization In The 21st Century In the digital-enabled battlespace, the Joint Force needs to shoot, move and communica...
26/04/2024
CBS Sports Launches New Free Streaming Channel
CBS Sports has launched Champions League as a new, 24-hour streaming channel that will serve as the year-round destination for nonstop highlights of the UEFA ...
26/04/2024
Roku Streaming Homes Hit 81.6M
Despite tough competition in the streaming space, Roku reported solid results in Q1 2024, beating revenue expectations, with total net revenue up 19% YoY to $88...
26/04/2024
Sarah Farrell Named General Manager Of Pinewood Toronto Studios
LONDON AND TORONTO Pinewood Toronto Studios has appointed Sarah Farrell as general manager of the Studios in downtown Toronto....
26/04/2024
Quantum to Offer Advanced Filesharing Technology and Performance in StorNext and Myriad Solutions
Quantum to Offer Advanced Filesharing Technology and Performance in StorNext and...
26/04/2024
FilmLight Colour Awards welcomes 2024 entries and introduces new Emerging Talent' award
FilmLight Colour Awards welcomes 2024 entries and introduces new Emerging Talen...
26/04/2024
Picture Shop Announces Chris Evans as Head of Unscripted
Picture Shop Announces Chris Evans as Head of Unscripted Brie Clayton April 26, 2024 0 Comments Picture Shop announced Chris Evans will lead Unscripte...
26/04/2024
Participate in a Survey - The Impact of AI on Media and the Creative Industry
Participate in a Survey - The Impact of AI on Media and the Creative Industry Pascal Wagner April 26, 2024 0 Comments By participating in this survey,...
26/04/2024
Hi Barbie! Mattel Launching First FAST Channels on Samsung TV Plus
Toy maker Mattel said it is working with Samsung to launch its first free ad-supported streaming television (FAST) channels later this year....
26/04/2024
Marty Moe Named President Of Trusted Media Brands
Trusted Media Brands (TMB) said it named Marty Moe as president....
26/04/2024
Ron Howard Directs Jim Henson Documentary for Disney Plus
Ron Howard is the director on Jim Henson Idea Man, a documentary that premieres on Disney Plus May 31. Henson of course created Kermit the Frog, Miss Piggy, Big...
26/04/2024
Kraken Skate Away From RSN Root Sports for Deals With Tegna, Amazon
The ice continues to melt under the regional sports network business as the Seattle Kraken of the National Hockey League have made a long-term deal to broadcast...
26/04/2024
Warner Bros. Discovery Launches Olli First-Party Data Platform
Heading into the upfronts, Warner Bros. Discovery said it launched Olli, a first-party data platform advertiser can use for converged, targeted advertising camp...
26/04/2024
The Equalizer' Gets Season 5 on CBS
CBS has renewed the drama The Equalizer, which will see season five on in 2024-2025. Queen Latifah stars....
26/04/2024
The CW Inks New Deal for Miss USA, Miss Teen USA
The CW has entered into an exclusive multiyear broadcast partnership for the Miss USA Pageant and the Miss Teen USA Pageant. The 73rd Miss USA Pageant will air ...
26/04/2024
Fuse Urging Young Viewers To Vote With Blunt Campaign
Fuse Media isn't mincing words in a campaign urging its young viewers to register and participate in the 2024 elections....
26/04/2024
Neil Gaiman's Sandman' Universe Expands With Dead Boy Detectives'
Dead Boy Detectives, a series from Neil Gaiman about a detective agency staffed by ghosts, debuts on Netflix April 25. George Rexstrew and Jayden Revri are in t...
26/04/2024
The Story Collective opens largest film and TV studio in the heart of London
The Story Collective has gradually repurposed the former Mortlake Brewery to include production offices, workshops and sound stages By Matthew Corrigan Publi...
26/04/2024
Richard Perkett joins Amagi as chief product officer
Perkett joins the company following a 25 year career in product management, product marketing, engineering and user experience (UX) across multiple industries ...
26/04/2024
Teradek Announces Smaller More Robust Built-in Antennas f...
Teradek, the industry leader in wireless video transmitters and receivers, announced today the launch of new Bolt 6 LT 750 and Bolt 6 Monitor Module 750 RX with...
26/04/2024
Amagi Names Richard Perkett Chief Product Officer
NEW YORK Amagi has appointed Richard Perkett chief product officer (CPO)....
26/04/2024
NAB Board Election Results Announced
WASHINGTON, D.C. The National Association of Broadcasters (NAB) has announced the results of the 2024 NAB Radio and Television Board of Directors elections. The...
26/04/2024
Mattel to Launch First FAST Channels on Samsung TV Plus
EL SEGUNDO, Calif. & NEW YORK Mattel has announced a deal to launch its first three 24/7 free ad supported streaming (FAST) channels on Samsung TV Plus, Samsung...
26/04/2024
NextGen TV Launches In Portland, Maine
PORTLAND, Maine Viewers here can now receive the NextGen TV signals of five local stations with the launch of ATSC 3.0 service from host station WPFO, which is ...