Minicast: Zero trust addresses flaw in cybersecurity approaches - Crowdstrike

Zero trust is less a single technology and more a new way of working said Tim Wellsmore director, Falcon complete APJ, at CrowdStrike, who notes, “There is education that needs to be done beyond the realm of just cybersecurity professionals."

Wellsmore describes zero trust as a very basic concept.

"Before we had trusted users, and we had networks and systems that were trusted, and then people would access those systems, and once you'd logged on as a user you were within that trusted group, you then had access to all of the crown jewels of an organisation.”

Organisations now understand the flaw in that thinking, he said. “We’ve realised that you can't trust anything.”

Instead, under zero trust, users need to be confirmed as a trusted entity with each new interaction.

“That's not just through credentials and identity, but it's actually also through behaviour. So this zero trust model starts to pull everything back and says 'You cannot trust anything,' because the adversaries are actually integrating and compromising all manners of the interactions of the networks and the systems that protect these information assets."

As such zero trust requires a robust approach to identity management.

He told Digital Nation Australia, “Zero trust, requires us to make sure that there is a validation that an action is legitimate, and it's not malicious in any way.

"Identity is used as one of those things, and it's the identity of the user that we are talking about.”

Identity can be proven in a number of ways, he said.

“There's biological systems that will test your identity, facial recognition, but there's also passwords, credentials, and those sorts of things. Identity relies on identifying the user who is behind the keyboard, through a number of interactions with the machine.”

It is important to recogise that zero trust is not just based on the identity, or the proposed identity of the user, but it's also the behaviour of that user, which is not an identity element, said Wellsmore.

“That's how there is a slight difference between the two.”