Zero Trust: Hype or Hope?

Businesses are always in need of the most robust security possible. As the remote workforce expanded during and post-COVID, so did the attack surface for cybercriminals—forcing security teams to pivot their strategy to effectively protect company resources. Furthermore, the rise of organisations moving to the cloud, increasing complexity of IT environments, and legacy technical debts means tighter security mechanisms are vital.

During this time of change, the hype around Zero Trust increased, but with several different interpretations of what it was and how it helps. Zero Trust means — as the name suggests — to trust nothing by default.

Zero Trust isn’t a software in itself, but a strategy. Meeting the mandate will mean using a number of approaches, techniques and software types. The challenge only grows for those working piecemeal, without an overarching plan for using software and platforms that work together.  In this article, I’ll discuss whether Zero Trust is a strategy to which all businesses should strive towards, the growing shift towards a holistic security approach and how XDR aligns with Zero Trust.

Is Zero Trust an achievable goal for all businesses?

Zero Trust is an approach, not something that can be purchased. Just like a company will never be “100% secure”, it will never likely have “achieved Zero Trust.” That doesn’t mean security and Zero Trust are abandoned, but instead they are goals that are continuously strived for.

At Trend Micro, we leverage the terminology and concept of “Zero Trust” to help our own employees gain awareness of cybersecurity, while focusing on enhancements of foundational cybersecurity maturity through people, process and technology:

• People –  Enhancing awareness; turning the weakest link to the strongest link in defending against cyber threats.
• Process – Developing, communicating and enforcing cybersecurity policy with alignments to enterprise risk management prioritisation and remediation.
• Technology – Leveraging telemetry data integration and machine learning to gain full cyber risk visibility for action.

It is extremely costly to achieve the highest maturity of Zero Trust in an IT environment and in most cases, it is not economically feasible nor practical to do so. The maturity level should depend on the enterprise’s risk management framework and approaches as well as its data classification.

Shifting towards a holistic approach

Organisations often begin their Zero Trust journey when faced with new security considerations as they move to the cloud. Migrating on-premises resources to the cloud entails monitoring a growing digital attack surface, which equals all possible entry points for unauthorised access into any system that is typically complex, massive, and constantly evolving.

Since the cloud doesn’t have a perimeter like on-premises environments, IT teams are struggling to keep up. A recent global study by Trend Micro found that SecOps lack confidence in their ability to prioritise or respond to alerts, with 54% of respondents saying they were “drowning in alerts”. With many enterprises using a hybrid cloud environment, operating several siloed point products to catch cyberthreats can be extremely challenging.

Organisations should look towards a holistic approach, adopting defensive in-depth security with multiple layers of protection. A unified cybersecurity platform, like Trend Micro One, provides enterprise-wide visibility, detection, and response combined with the security capabilities you need throughout the attack surface risk lifecycle. Our platform enables SecOps teams by providing a single point of truth across the entire infrastructure, gathering telemetry from all environments and correlating threat data to deliver fewer, but highly relevant, alerts to manage.

How XDR creates a solid foundation for Zero Trust

To properly assess the trustworthiness of any devices or applications, you need comprehensive visibility across your environment. A well implemented XDR solution provides full cyber risk visibility into an IT environment and when used in tandem with the Zero Trust approach, organisations can further enhance their security.

Monitoring and managing behaviour patterns of user access and data access are critical parts of Zero Trust. Trend Micro’s XDR solution offers automated detection and responses through machine learning and big data analysis. XDR automated response enforces consistent security policy while aligning to enterprise risk management.

Since XDR is constantly collecting and correlating data, it establishes a continuous assessment pillar of the Zero Trust strategy. This means that even after you’ve approved initial access for an endpoint, that asset will continually be reviewed and reassessed to ensure it remains uncompromised.

All businesses should strive for a foundational level of Zero Trust. To address the complexity of risk, the process needs to be treated like a lifecycle, in which continuous visibility and assessment are used to discover an organisation’s attack surface, assess the risk, and then mitigate the risk. At Trend Micro, we advise our customers to take Zero Trust implementation one step at a time.