The National Security Agency (NSA) has released a guidance on the zero-trust model for network security and said that systems leveraging the concept are better positioned to address threats but implementing the framework entails careful planning.
NSA said in its report that while the data-centric model for cybersecurity results in comprehensive monitoring, transitioning to such systems could provide risks of weakened security postures.
According to the guidance, adopting a mindset focused on zero trust requires an understanding of the modern threat landscape as well as a coordinated system for monitoring and management.
Other requirements include assuming malicious intent in networks, assuming risks for compromise in all devices, accepting the risky nature of access approvals and ensuring preparedness in conducting rapid damage analysis and recovery functions.
NSA also cites persistent adherence to a zero-trust mindset as a key requirement for implementing the concept.
“Administrators and defenders may become fatigued with constantly applying default-deny security policies and always assuming a breach is occurring, but if the Zero Trust approach falters, then its cybersecurity benefits become significantly degraded or eliminated,” the report states.