According to Gartner, Continuous Adaptive Risk and Trust Assessment (CARTA) will be one of the top strategic technology trends for 2019 and beyond. CARTA is an adaptive security approach that will help organizations to overcome the barrier between application teams and security teams. In a world where hackers remain a huge threat to businesses, this approach will provide enterprises with much-needed proficiency in risk management and cyber resilience.
Continuous Adaptive Risk & Trust Assessment (CARTA) for DevSecOps
With this futuristic approach, we will see fewer firewalls in businesses, as software developers will work with security teams to incorporate multiple security testing points into DevOps. This is known as DevSecOps. Security in applications will start early in the development stage, as teams will identify the threats facing an organization and eliminate them before releasing the applications. With this approach, development teams will balance the need for security with the need for speed, agility, and visibility.
Adaptive security is a security model in which the monitoring of threats remains continuous and improves as cybersecurity risks change and evolve over time. Traditional security methods of the past included antivirus software, intrusion detection and prevention systems (IDS/IPS), and firewalls. These approaches are simply not enough anymore. Development practices and environments are no longer static. Dynamic security systems need to be integrated within continuous deployment IT, as well as in virtual cloud and hybrid environments. Adaptive security software studies patterns and behaviors rather than just examining log files, monitoring checkpoints, and responding to alerts. It is an intuitive intelligence approach that aims to identify the methods and techniques used by cyber criminals; that knowledge is then used to prevent an attack from occurring and potentially to respond to a breach in milliseconds, protecting your reputation and your brand.
Zero Trust Architecture (ZTA)
Relying on perimeter prevention alone leaves gaps and blind spots in your network. Traditional security approaches assume that everything inside an enterprise network can be trusted. A Zero Trust approach is critical, as users can be careless, compromised, or even criminal, resulting in malicious access to critical applications and data. You need a Zero Trust Architecture (ZTA) that is cloud-based and combines granular visibility, micro-segmentation, cloud workload protection, application control, and endpoint protection into one platform. You need to be able to visualize everything and eliminate blind spots: a 360-degree view that allows you to see every interaction between processes, communications, files, users, applications, and workload instances. This approach also allows simpler and faster time-to-compliance while reducing the overall risk factors. As mentioned by Forrester: Visibility is key, because you can’t protect what you can’t see.
Modern enterprise businesses are looking for ways to achieve proactive protection without adding resources. When implemented correctly, micro-segmentation can automate workload protection while proactively mitigating APTs and lateral attacks with zero added complexity. You can use micro-segmentation to create Zero Trust Zones, reducing the enterprise attack surface and increasing network visibility regardless of where the data resides. This process allows admins to automate and orchestrate workload security policies and securely migrate applications to the cloud, while dynamically responding to indicators of compromise (IOCs). In the new age of security, you can simply contain and block lateral east-west threats by isolating workloads, users, applications, and databases, without error-prone VLANs/ACLs or complex firewalls. It’s a more straightforward approach that stops the threat before it even happens. Favorable digital business outcomes are optimized when this type of comprehensive “Digital Trust” platform works in conjunction with the recommendations of the Adaptive Security Architecture defined above.
Zero Trust Network Access (ZTNA)
Zero Trust Network Access aims to do exactly what the name implies: control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network, and what they can or can’t do. A successful ZTNA policy should help with the mitigation of non-zero-day attacks and control the authorization, authentication, and accounting of network connections, while implementing role-based controls for user, device, and application. One main benefit of ZTNA solutions is to prevent endpoints that lack antivirus, patches, or host intrusion prevention software from accessing the network and placing other computers at risk of cross-contamination by computer worms. Policy enforcement, along with identity and access management, becomes part of this solution as well. Best practices for ZTNA are still evolving as policies and identities are better defined for modern architectures.
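The pre-admission posture check and post-admission role-based control described above can be sketched as a small policy evaluator. This is an added example, not code from the original article or from any ZTNA product; the posture fields, role and application names, the 30-day patch threshold, and the policy table are assumptions constructed for illustration, and the user is assumed to be already authenticated.

```python
from dataclasses import dataclass

# Constructed policy: (role, application) -> allowed actions. Anything absent is denied.
ROLE_POLICY = {
    ("finance", "ledger-app"): {"read", "write"},
    ("helpdesk", "ledger-app"): {"read"},
    ("helpdesk", "ticketing"): {"read", "write"},
}
MAX_PATCH_AGE_DAYS = 30  # assumed compliance threshold


@dataclass(frozen=True)
class Endpoint:
    device_id: str
    antivirus_running: bool
    host_ips_running: bool
    patch_age_days: int


def pre_admission(ep: Endpoint) -> list:
    """Return the posture failures; an empty list means the device may be admitted."""
    failures = []
    if not ep.antivirus_running:
        failures.append("antivirus")
    if not ep.host_ips_running:
        failures.append("host-ips")
    if ep.patch_age_days > MAX_PATCH_AGE_DAYS:
        failures.append("patches")
    return failures


def authorize(ep: Endpoint, role: str, app: str, action: str, audit: list) -> bool:
    """Post-admission control: re-check posture on every request, then apply the
    role policy with default deny. Every decision is recorded (accounting)."""
    failures = pre_admission(ep)
    if failures:
        decision, reason = "deny", "posture:" + ",".join(failures)
    elif action in ROLE_POLICY.get((role, app), set()):
        decision, reason = "allow", "role-policy"
    else:
        decision, reason = "deny", "no-matching-rule"
    audit.append({"device": ep.device_id, "role": role, "app": app,
                  "action": action, "decision": decision, "reason": reason})
    return decision == "allow"
```

Re-evaluating posture inside `authorize` means a device that falls out of compliance after admission loses access on its next request, rather than keeping the trust it was granted at connection time.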
The ability of an enterprise to limit the impact of security incidents is as important as the type of protection itself. Preparation determines whether you will survive when the inevitable happens. The ultimate objective of most security teams today is to implement cost-effective risk mitigation that results in cyber-resilient outcomes. It’s your responsibility as an IT security professional to run towards digital transformation, while understanding critical risk-based prioritization and the vulnerabilities associated with your specific environment. The objective is the same, now and in the future: to protect your reputation and your brand.