Why There's No Zero Trust Without Microsegmentation
According to the creator of Zero Trust, your Zero Trust security project is incomplete if you don’t have microsegmentation.
John Kindervag, the Godfather of Zero Trust and Illumio's new Chief Evangelist, sat down with Raghu Nandakumara, Senior Director of Industry Solutions Marketing, to explore:
- The limitations of the traditional Trust model of cybersecurity
- The essence of Zero Trust security
- Why microsegmentation, also called Zero Trust Segmentation, is essential to achieving Zero Trust
The Trust model: Cybersecurity’s biggest risk
When Kindervag began working in cybersecurity in the late 1990s, he was installing only firewalls to secure applications and workloads. This relied on the Trust model of cybersecurity — something he “really hated.”
“The Trust model screwed up security policy,” he explained. “You would assign a trust level to a physical interface. If something was headed towards the internal network, the trust level would be 100, or the highest trust level, and your internet connection would be zero, the lowest. Everything else would have some unique number between 0 and 100. It was called the adaptive security algorithm, but it was neither adaptive nor secure.”
The Trust model implicitly trusts all workloads inside the network. This allows malicious workloads that inevitably make it past the firewall to freely and quickly move within the network to an organization’s highest-value data.
Kindervag shared a story of when he saw the Trust model having extremely high-risk consequences: “When I was working on a project in the U.S. Treasury Department, I noticed a bunch of data leave and go to an IP address that I resolved to the Ukraine. And when we resolved the IP address of the server, it was a state’s financial system. I asked myself, ‘Why is all this financial data about this state in the middle of the country going to Ukraine?’”
When Kindervag asked the department’s security team this question, they didn’t have an answer — and, worse, they didn’t have permission to stop the traffic flow immediately.
"I asked, 'What are you allowed to do?' He held up a piece of paper, and he said to fill out this form. I thought, 'Oh, security is so broken.'"
Kindervag’s experience at the Treasury Department sparked his interest in finding a better, more modernized approach to cybersecurity. He called this experience “some of the origins of what became Zero Trust.”
What’s wrong with the Trust model? The origins of Zero Trust
Kindervag believes the basis of the Trust model originated from the way we’ve tried to understand networking.
“We’ve taken the human world and tried to port it straight over to the digital world,” he said. “That doesn’t work. We were anthropomorphizing the network to make it understandable, but that was causing these fundamental problems that were leading to massive data breaches.”
Kindervag explained that it's common to refer to people as being on the network, but that’s not an accurate reflection of what’s happening. In reality, packets are on the network, not people: “I’m not saying people aren’t trustworthy. I’m saying people aren’t packets,” he said.
From Kindervag’s perspective, this flawed view that people are on the network has preserved the idea that there needs to be implicit trust inside the network. Security teams don’t want the organization to think that they don’t trust their fellow coworkers.
However, if the goal is questioning the trustworthiness of workloads rather than people, it’s much easier to see the Trust model’s flaws — and the significance of Kindervag’s Zero Trust model.
Especially in today’s ever-evolving threat landscape, it’s inevitable that breaches will cross the network perimeter. Zero Trust ensures that whatever gets inside is not implicitly trusted, which makes the Trust model irrelevant and unfit for today’s complex networks.
According to Kindervag, “Zero Trust is a cybersecurity strategy designed to stop data breaches, which is the exfiltration of sensitive or regulated data into the hands of malicious actors, and make other cybersecurity attacks unsuccessful.”
In other words, Zero Trust turns successful attacks into unsuccessful ones. This message, explained Kindervag, “is designed to resonate to the highest levels of any organization but be tactically implemented using commercially available, off-the-shelf technology.”
Why does Zero Trust require microsegmentation?
While many organizations are now starting Zero Trust programs, Kindervag said there’s a misunderstanding that cybersecurity teams have achieved Zero Trust once they’ve implemented ZTNA.
“Why are they wrong?” asked Kindervag. “Because they don’t know what they’re protecting, so they don’t have controls as close as possible to what they're protecting.”
Organizations often want to achieve Zero Trust with a technology rather than with a clear strategy and process. This hinders their ability to see and understand their attack surface and, in turn, implement the granular policy required to secure the network. Without security controls close to the resource, application, or data that needs protecting, there’s no Zero Trust.
"The first thing you need to know is what you’re protecting. You can’t protect what you can’t see," Kindervag explained. "Then, put controls as close as possible to the things you’re trying to protect. That is the act of segmenting."
By implementing microsegmentation, also called Zero Trust Segmentation (ZTS), security teams make it difficult for malicious actors to spread through the network — and bring significant benefits to the entire organization.
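To make the contrast concrete, here is a small policy evaluator written for this article (it is not Illumio’s code or anything Kindervag showed). It models the two decision procedures described above: the interface trust-level model, where a firewall decides by the trust number on the interfaces a packet crosses, and a default-deny segmentation policy, where the decision is keyed on the identified workloads themselves. The trust-model rule used here (traffic within one zone is never inspected, higher-trust to lower-trust is permitted by default, the reverse is denied) is an assumption about the classic firewall behaviour the article alludes to; the zone names, workload labels and sample flows are constructed.

```python
"""Toy policy evaluator contrasting the interface-trust model with
default-deny microsegmentation. Added example, not code from the article
or from Illumio; zone names, workload labels and flows are constructed."""
from dataclasses import dataclass, field

# Trust levels per interface, as Kindervag describes them: internal is 100,
# the internet connection is 0. The "dmz" value is a constructed filler.
INTERFACE_TRUST = {"internal": 100, "dmz": 50, "internet": 0}


@dataclass(frozen=True)
class Flow:
    src_zone: str   # interface the packet arrives on
    src: str        # workload label ("unknown" when we cannot name it)
    dst_zone: str   # interface the packet leaves on
    dst: str
    port: int


def trust_model_allows(flow: Flow) -> bool:
    """Trust model: the decision depends only on interface trust levels.

    Assumption (simplified classic firewall behaviour): traffic within one
    zone is never inspected, traffic from a higher-trust interface to a
    lower-trust one is permitted by default, and the reverse is denied.
    Which workload is talking never enters the decision.
    """
    if flow.src_zone == flow.dst_zone:
        return True
    return INTERFACE_TRUST[flow.src_zone] > INTERFACE_TRUST[flow.dst_zone]


@dataclass
class SegmentationPolicy:
    """Default-deny allow-list keyed on the workloads themselves."""
    rules: set = field(default_factory=set)   # {(src_label, dst_label, port)}

    def allow(self, src: str, dst: str, port: int) -> None:
        self.rules.add((src, dst, port))

    def allows(self, flow: Flow) -> bool:
        # Zones are irrelevant here; only the identified endpoints matter.
        return (flow.src, flow.dst, flow.port) in self.rules


def build_policy() -> SegmentationPolicy:
    """Rules written after first asking what we are protecting: the
    financial database. Only the web tier may reach it, on its own port."""
    policy = SegmentationPolicy()
    policy.allow("unknown", "web-frontend", 443)        # public web traffic in
    policy.allow("web-frontend", "financial-db", 5432)  # the one sanctioned path
    return policy


# Constructed sample flows, modelled on the situations in the article.
SAMPLE_FLOWS = {
    "inbound web":      Flow("internet", "unknown",      "internal", "web-frontend", 443),
    "app to db":        Flow("internal", "web-frontend", "internal", "financial-db", 5432),
    "laptop to db":     Flow("internal", "hr-laptop",    "internal", "financial-db", 5432),
    "db to outside ip": Flow("internal", "financial-db", "internet", "unknown",      443),
}


def compare(flows=SAMPLE_FLOWS, policy=None) -> dict:
    """Return {name: (trust_model_verdict, segmentation_verdict)}."""
    policy = policy or build_policy()
    return {name: (trust_model_allows(f), policy.allows(f)) for name, f in flows.items()}


def blocked_only_by_segmentation(flows=SAMPLE_FLOWS, policy=None) -> list:
    """Flows the trust model waves through but the segmentation policy stops:
    exactly the movement toward, and away from, the high-value data."""
    return [n for n, (t, s) in compare(flows, policy).items() if t and not s]


if __name__ == "__main__":
    for name, (trust, seg) in compare().items():
        t = "ALLOW" if trust else "DENY"
        s = "ALLOW" if seg else "DENY"
        print(f"{name:18} trust-model={t:5} segmentation={s}")
```

Run as a script, the table shows the point of the interview in four lines: the trust model permits a laptop on the internal interface to reach the financial database and permits the database to send data to an unnamed address on the internet, because both flows run from a trust level of 100 toward an equal or lower one. The segmentation policy denies both, because neither pairing was ever written down as sanctioned, while still allowing the two flows the application actually needs.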
What is the ROI of Zero Trust Segmentation?
Security teams are now acknowledging that ZTS is foundational to their Zero Trust architecture, but it can also be foundational to improving organization-wide security processes and network user experiences.
Kindervag listed four key ways ZTS delivers ROI:
- Reduced expenses: ZTS allows you to consolidate multiple tools.
- Increased usability: By reducing the number of security tools, ZTS makes it easier for security teams — and the entire organization — to work alongside security and access the data and resources they need.
- Increased operational flexibility: Kindervag estimated that ZTS reduces security teams’ workloads by seven to ten times because policy is so much simpler to create and deploy.
- Reduced impact of breaches: By containing breaches at their entry point, ZTS stops breaches from spreading throughout the network. This reduces breach remediation costs, legal issues and fees, and the effect on customer and stakeholder trust.
The traditional Trust model that cybersecurity has relied on for decades has proven insufficient and inherently flawed. Attackers who get past the perimeter are still able to move freely within networks, which ultimately leads to substantial risks and consequences.
Zero Trust is the best response to today’s security threats and is transforming cybersecurity strategy. But Zero Trust cannot exist in isolation. It necessitates a crucial companion: Zero Trust Segmentation.
Contact us today to learn more about how to get started with Zero Trust Segmentation at your organization.