An expert at Appgate says the decision by the Pentagon to launch a Zero Trust cybersecurity office sends a clear message to cybercriminals.
Felipe Duarte, Senior Researcher at Appgate, believes the SolarWinds’ attack revealed how organizations, including government ones, are vulnerable to supply-chain attacks.
“After an initial breach, there aren’t enough barriers in current infrastructures to stop the threats from spreading,” said Duarte.
He explained that after attackers get access through any ‘trusted’ application, they can easily navigate through the network.
“Zero Trust then becomes the natural solution for that. Only by segmenting the networks and assuming all connections can be compromised can you detect an intruder in your network,” said Duarte.
“ZeroTrust needs to be implemented in the core infrastructure. You must profile any device trying to connect in your network, use multi-factor authentication to ensure credentials are not compromised, segment networks creating isolated perimeters, and, most important, only provide access to what a user or a system needs to.
“By focusing on Zero Trust, the Pentagon sends a clear message to cybercriminals that they are taking cybersecurity seriously. This, along with Biden’s memo published earlier this year, should be a wake-up-call to all organizations that haven’t adopted Zero Trust yet. The best way to contain the damage from a ransomware or a spyware attack is to implement Zero Trust.”Click below to share this article