Blog Dorin M
  • Blog
  • Login
  • Cyber Security Menu
    • Cyber Security News
    • Cyro and Cyrene
  1. You are here:  
  2. Home
  3. Blog

Blog

Zero Trust Article

What could prevent ZTA (Zero Trust Architecture) – Case study.

Details
Written by: Merticaru Dorin Nicolae
Category: Blog
Published: 07 January 2022
Hits: 403
  • Zero Trust
  • Cyber
  • Security
No comments on “What could prevent ZTA (Zero Trust Architecture) – Case study.”

The SolarWinds hack and the constant stream of revelations about the tools and tactics used are a good case study even though it's been more than a year since the event (plus the attackers had other targets).

What draws attention to our topic (Zero Trust) is the involvement of Greg Touhill, chairman of the Appgate Federal Group, who said that he was not surprised by the SolarWinds event but only disappointed.

He was already fully involved in Zero Trust's strategy and was extremely concerned about the integrity of the supply chain of the products and services of the company where he worked.

What is important to note is that he and his working group had identified numerous risks to the existing supply chain, especially from the point of view of the insertion of a malware/backdoor at the level of a provider (thus, an external entity, with certain presences in cybersecurity policies).

It even predicted the risk of a threat actor entering a provider's software development lifecycle and deliberately introducing a backdoor.

Read more: What could prevent ZTA (Zero Trust Architecture) – Case study.

  • About the Author: Dorin M - Merticaru Dorin Nicolae
Zero Trust Article

Threats associated with ZTA.

Details
Written by: Merticaru Dorin Nicolae
Category: Blog
Published: 06 January 2022
Hits: 369
  • Zero Trust
  • Cyber
  • Security
No comments on “Threats associated with ZTA. ”

Logically, the discussions we have started here would be related to the elimination of the idea, the term, etc., of the threat (this is the effort of the debates about Zero Trust).

So, what would be the rationale for using this new term, of "threat", "threats" associated with Zero Trust?

Especially since perimeter, for example, has often shown that it is effective close to a limit... So do the appropriate policies... Or the old cybersecurity efforts that have been developed over time, since cybernetics took the unbridled momentum of the present moment.

Proof of the fact that there is something wrong is the fact that cybercrime is beginning to overcome the limitations of the imagination but, above all, it reveals to us the fragility of what already exists. The fragility that, already, also gives thought about the governmental, state levels (see the measures at the state, the governmental level that is imposed with the character of law).

And everything is "based" on an undeniable truth: The world of cybernetics is advancing far beyond human possibilities of adaptation, in fact, its requirements are those that permanently exceed us, without considering the financial possibilities of modifying the old and new structures of adaptation, evolution, etc., for example, to the new structures called Zero Trust, SASE, etc.

Read more: Threats associated with ZTA.

  • About the Author: Dorin M - Merticaru Dorin Nicolae
Zero Trust Article

Zero Trust Principles

Details
Written by: Merticaru Dorin Nicolae
Category: Blog
Published: 05 January 2022
Hits: 341
  • Zero Trust
  • Cyber
  • Security
No comments on “Zero Trust Principles”

As a recap, Zero Trust is a security model, a set of principles for designing a system, and a coordinated strategy for cybersecurity and system management based on recognizing that threats exist both within and outside the traditional boundaries of the network.

Zero Trust repeatedly questions the premise that users, devices, and network components should by default be trusted based on their network location.

Many definitions and discussions about Zero Trust (ZT) underline the concept of eliminating perimeter defenses of wide-area (e.g., firewall) with a definition in relation to existing perimeters (micro-segmentation, micro perimeter), as part of the functional capabilities of ZTA (Zero trust Architecture).

Zero Trust incorporates comprehensive security monitoring, granular, dynamic, and risk-based access controls, system security automation in a coordinated manner and in all aspects of the infrastructure to focus specifically on protecting critical assets (data) in real-time in a dynamic threat environment.

Read more: Zero Trust Principles

  • About the Author: Dorin M - Merticaru Dorin Nicolae
Zero Trust Article

Introduction in Zero Trust Architecture (ZTA)

Details
Written by: Merticaru Dorin Nicolae
Category: Blog
Published: 04 January 2022
Hits: 360
  • Zero Trust
  • Cyber
  • Security
No comments on “Introduction in Zero Trust Architecture (ZTA)”

Zero Trust is the intention to move defenses from static perimeters (the concept of de-perimeters), based on the network, to focus on users, assets, and resources (data and service protection).

This idea of de-perimetering arises because, traditionally, everything seems to be focused on perimeter defense and authenticated subjects have access to a certain level of authorization to a more or less wide collection of resources once they are in the internal network.

As a result, unauthorized lateral movement in the environment attracted a significant amount of problems, and thus the imperative of zero trust appeared.

Therefore, such an architecture, zero trust (ZTA – Zero Trust Architecture) will use zero-trust principles to plan infrastructure and workflows, the basic intention being to prevent data breaches and to limit internal lateral movement, and, consequently, to prevent unauthorized access to data and services,  together with the most minimal access. That is, approved and authorized subjects (combinations of users, applications, and or services as well as devices that can access the data to the exclusion of all other topics, that is, attackers).

Read more: Introduction in Zero Trust Architecture (ZTA)

  • About the Author: Dorin M - Merticaru Dorin Nicolae
Zero Trust Article

Zero Trust before anything

Details
Written by: Merticaru Dorin Nicolae
Category: Blog
Published: 03 January 2022
Hits: 363
  • Zero Trust
  • Cyber
  • Security
No comments on “Zero Trust before anything”
After just one year of maintaining a cybersecurity newsgroup, I have clearly and certainly come to the idea that this concept of "Zero Trust" is the best way to tackle the craze of today's cybernetics, literally (at least from a personal point of view).
 
A madness both from the point of view of the real, palpable problem, which often no longer takes into account the real protection capacity (on the "vertical") under the assault of the opposing factors (cyber aggressors, vulnerabilities, etc.) and from the point of view of the explosion (numerical, quantitative, conceptual, blah, blah) of the services (on the "horizontal") that must be permanently adapted to new and new cybersecurity solutions.
 
So, only from the previous rows, you can quickly deduce what would be needed, first and foremost the Zero Trust, the initial total closure, and, only later, expansion to "open" areas, exploitable, requested, etc.
 

Read more: Zero Trust before anything

  • About the Author: Dorin M - Merticaru Dorin Nicolae

Select your language

  • Română (România)
  • English (United Kingdom)
My Blog

Login Form

  • Forgot your password?
  • Forgot your username?

Main menu en-GB

  • Home

Popular Tags

Ransomware 60 Securitate 57 Cibernetica 57 Malware 37 Log4j 35 Cyber 30 Security 28 Phishing 27

Older Posts

  • What could prevent ZTA (Zero Trust Architecture) – Case study.
  • Threats associated with ZTA.
  • Zero Trust Principles
  • Introduction in Zero Trust Architecture (ZTA)
  • Zero Trust before anything
  • Login