A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Zero Trust Attack Surface Management: Five Easy Steps Breadcrumb Home Insights Blog Zero Trust Attack Surface Management: Five Easy Steps October 4, 2021 Zero Trust should be applied to organizational attack surface management (ASM) programs. Kane Lightowler of Palo Alto Networks offers five key steps to deploying effective ASM with Zero Trust. In May the White House issued an executive order outlining a new Federal Government cybersecurity posture with respect to contractors. One of the key tenets of the order was Zero Trust. The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred, so it constantly limits access to only what is needed and looks for anomalous or malicious activity. Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment. Zero Trust Framework for Attack Surface Management Zero Trust architecture for traditional networks is well defined, but the model should also be applied to attack surface management (ASM) programs since the attack surface is the foundation for all security deployments. These five steps can guide deployment of a Zero Trust framework for your ASM practice. Define the Attack Surface Comprehensive visibility into all known and unknown assets is crucial before you build out any security practice. Without granular visibility into all assets, including constantly changing cloud assets, it’s impossible to ensure attack surface security. ASM solutions provide a comprehensive accounting of internet-connected assets, and this system of record should be the validation method for your Zero Trust processes. Establish Traffic Flow Monitoring Traditional Zero Trust architecture employs inside-out monitoring to capture malicious traffic. However, thanks to the increase in ransomware attacks through publicly accessible command and control nodes, it’s also important to monitor malicious communications using an outside-in approach. Assign Policies An asset exposed to the internet isn’t dangerous in itself, but it’s a threat when it’s exposed without being monitored. Organizations must define custom policies that keep them secure and agile. Using a central policy engine to globally enforce policies and alert on violations is crucial. Automate Prioritization and Remediation An ASM solution shouldn’t just discover issues, it should also automatically assign them for remediation. Without remediation, an organization cannot secure its attack surface. Continuous Monitoring Perhaps the most important component of a Zero Trust architecture is the ability to independently and continuously monitor your attack surface. Your ASM solution must be able to alert on exposed assets and also allow you to verify the successful remediation of a risk. These five steps help organizations answer the important who, what, when, where and how questions critical to securing their attack surfaces. In the near term, the White House executive order establishes rules governing contractor interactions with federal agencies. But it also shines a light on the path forward for all organizational cybersecurity programs. Attack surface management is a core element of the fight against hackers – today and in the future – and if you don’t have a robust solution in place already, it’s a conversation worth having as soon as possible. By: Kane Lightowler Vice President - GTM Cortex | Palo Alto Networks Share: Attack Surface Zero Trust Partner Series identity
Would you like to speak to an advisor? How can we help you today? Image E-Book Cybersecurity Field Guide #13: A Practical Approach to Securing Your Cloud Transformation Download Now Image Events Register for an Upcoming OptivCon Learn More Ready to speak to an Optiv expert to discuss your security needs?