As organizations in every sector face the growing risks of criminal and nation-state attacks on their networks and data, there is growing momentum behind the “never trust, always verify” approach to cybersecurity.
This is the ‘zero trust’ security model, and it is based on the premise that by default nothing interacting with IT infrastructure is trusted, regardless of whether it’s inside or outside a network. The phrase was employed by Forrester Research in 2010 and has become one of the security industry’s most important approaches to addressing the rising levels of security breaches.
“A Zero Trust Architecture (ZTA) strategy is one where there is no implicit trust granted to systems based on their physical or network location (i.e., local area networks vs. the Internet). Access to data resources is granted when the resource is required, and authentication (both user and device) is performed before the connection is established.” – National Institute of Standards and Technology (NIST).
As such, zero trust sees the world differently from other approaches to cybersecurity as trust boundaries across networks and access points have become increasingly complex and vulnerable to attack.
Why is the Zero Trust Model Becoming More Important?
Global trends such as hybrid-remote working mean that many networks have become more complex and operate with a greater number of potential attack vectors than ever before.
As a result, cybercriminals have been increasingly successful in exploiting weaknesses in reactive cybersecurity strategies to gain access to networks and data via these architectures. In fact, without a zero trust approach, organizations run the risk of attackers having free rein across a network once they are inside.
Add to that an environment where the threat landscape is becoming more sophisticated, and it’s easy to understand why many organizations are looking to limit the role of trust in their security strategy.
Take file-based cyber security threats, for instance, which are growing faster than ever. Approximately 1 in every 100,000 files contains potentially malicious content, and 98% of these are unknown to anti-virus solutions for up to 18 days before those solutions are updated to mitigate potentially devastating risks.
That’s an approach that is incompatible with the zero trust model. Add to this the inherent weaknesses caused by ineffective cyber hygiene, and it is clear why organizations are looking to eliminate the security lapses caused by human error and significantly increase their overall levels of protection.
A major part of the problem is that today’s reactive, detection-based security solutions can’t keep up: antivirus puts users at risk with every new threat, while sandboxing exposes organizations to risk from advanced malware and disrupts business productivity. These complex security solutions also add stress to busy security teams.
Last year’s cybersecurity Executive Order identified zero trust as an important contributor to cybersecurity best practices. Among its wide-ranging requirements, the EO stipulated that each Federal agency was directed to “develop a plan to implement zero trust architecture” within 60 days of its publication.
Collectively, these issues are accelerating the adoption of zero trust. Gartner has predicted that spending on Zero Trust Network Access (ZTNA) solutions will rise from $820 million in 2022 to over $1.6 billion just three years later, representing a dramatic acceleration in investment.
How Does Glasswall Content Disarm and Reconstruction (CDR) Support the Zero Trust Model?
The problem is that detection-based security methods – such as antivirus and sandboxing solutions – have to play catch-up with new and unknown threats and malware that contains malicious code. In contrast, Glasswall’s proactive Content Disarm and Reconstruction (CDR) technology instantly cleans and rebuilds files (PDF, Excel, etc.) to match their ‘known good’ industry specification – automatically removing potential cyber threats. This simple approach ensures every document entering or leaving the organization is safe, without sacrificing productivity.
Adding a Content Disarm and Reconstruction (CDR) capability to the cybersecurity stack plays a vital role in a rounded zero trust cybersecurity strategy, particularly in the fight against malicious file uploads. As recently highlighted by Gartner, organizations are advised to: “Restrict the file types to the minimum required. For allowed file types, there are essentially four options to limit the risk of malware upload: CDR provides the highest security. Done well, CDR removes all threats from uploaded files without adding significant latency. Since it does not depend on the detection of known threats, it can even protect against completely new attack types.”
Protection that doesn’t wait for detection
Glasswall CDR technology instantly removes risk by using a four-step process:
Step 1 – Inspect
Three layers of the incoming file are inspected to verify that its digital DNA complies with the manufacturer’s specification, and the system corrects any deviations instantly.
Step 2 – Clean
High-risk active content such as macros and embedded links is cleaned and removed from the original file (based on company policy), so only the users who need active content receive it.
Step 3 – Rebuild
The file is rebuilt to the authorised manufacturer’s standard, ensuring the file is clean and threat-free.
Step 4 – Deliver
The user instantly receives a safe, identical file that’s compliant, standardized, and trusted. This reduces the risk of malicious code hidden in malware entering the organization, thereby maintaining business continuity.
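To make the inspect, clean and rebuild steps concrete, here is an added sketch (not Glasswall's code or method) that applies them to an Office Open XML package, which is a ZIP container of XML parts. The policy pattern, the size cap and the function names `clean_rels` and `disarm_ooxml` are assumptions made for this illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
ET.register_namespace("", REL_NS)
# Assumed policy: part names that carry active content (macros, ActiveX, OLE).
ACTIVE = re.compile(r"vbaProject\.bin|vbaData\.xml|activeX|embeddings", re.I)
MAX_PART = 50 * 1024 * 1024  # assumed per-part size cap against ZIP bombs


def clean_rels(xml_bytes, part, report):
    """Drop relationships that leave the package or point at removed parts."""
    root = ET.fromstring(xml_bytes)  # malformed XML raises: fail closed
    for rel in list(root):
        target = rel.get("Target", "")
        if rel.get("TargetMode") == "External" or ACTIVE.search(target):
            root.remove(rel)
            report.append(f"{part}: dropped relationship to {target}")
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)


def disarm_ooxml(data):
    """Inspect, clean and rebuild an OOXML package; return (bytes, report)."""
    report = []
    try:
        src = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile as exc:
        raise ValueError("not a ZIP container") from exc
    infos = src.infolist()
    names = [i.filename for i in infos]
    # Inspect: mandatory part present, no duplicate or escaping names, sane sizes.
    if "[Content_Types].xml" not in names or len(set(names)) != len(names):
        raise ValueError("package fails structural inspection")
    if any(n.startswith("/") or ".." in n.split("/") for n in names):
        raise ValueError("unsafe part name")
    if any(i.file_size > MAX_PART for i in infos):
        raise ValueError("part exceeds size cap")
    out = io.BytesIO()
    # Rebuild: write a fresh archive rather than patching the original bytes, so
    # trailing data, archive comments and unusual ZIP fields are not carried over.
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in names:
            if ACTIVE.search(name):  # Clean: active content is never copied
                report.append(f"{name}: removed active-content part")
                continue
            body = src.read(name)  # raises on CRC mismatch
            if name.endswith(".rels"):
                body = clean_rels(body, name, report)
            dst.writestr(name, body)
    return out.getvalue(), report
```

The sketch stops at the container level: a full rebuild would also rewrite `[Content_Types].xml` and any markup that references a dropped relationship id, and would validate each part against its schema. The returned report is the audit trail of what policy removed.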
The result is a powerful ability to close the security blindspots exploited by cybercriminals who know that reactive antivirus and sandboxing technologies cannot identify new vulnerabilities hidden in file ‘DNA’ for days or even weeks after they have been released.
Trusted by the world’s leading intelligence agencies
Glasswall’s CDR platform has been tested, validated and implemented by a range of the world’s leading intelligence agencies, who have successfully protected against all efforts to penetrate the technology even when custom-written exploits have been used to test the product. The analytics and policy management output and level of security delivered by Glasswall has always exceeded expectations – no other CDR technology has undergone such extensive, independent testing.