Visibility and Zero Trust: How Trusting No One Is Restoring Faith In Cybersecurity

For years, IT security architects trusted perimeter defenses to protect enterprise networks and data. The basic premise was simple: build a rock-solid perimeter to protect the trusted network. Once inside you have far-reaching access to a big flat network. In essence, it was like Jack Byrnes’ circle of trust in Meet the Fockers: you are either fully trusted and inside the circle, or you aren’t.

Jack Byrnes: “You can’t start a circle of trust. It’s my circle.”
Greg Focker: “You don’t have a patent on the circle, Jack. And by the way, you’re not even in your own circle right now.”

The price of lost trust

Companies continue to fall prey to hackers. As a result, regulators have lost trust in companies’ ability to secure customer data and are levying steep fines. One recent example: the second largest health insurer in the U.S. must pay the Department of Health and Human Services $16 million for its data breach that exposed protected information of nearly 79 million people.¹

Why the spike in breaches? Put simply, while networks have changed to address business needs, network security hasn’t kept pace. Changes include:

Hyper growth of nontraditional operating systems, such as IoT and operational technologies that render agent-based security management ineffective
Physical vendor access, phishing and insider credential abuse circumvent the network perimeter
Corporations no longer own or control many devices that access their networks (BYOD and contractor-owned systems don’t include corporate security agents)
Cloud computing avoids the network perimeter altogether
Increased hacker sophistication and persistence

Forrester’s Zero Trust Model

Forrester Research analysts were quick to recognize the changing dynamics that have rendered perimeter network defenses ineffective. Their solution is the Zero Trust Model for information security. At its very essence, Zero Trust is based upon the assumption that no person or device is trusted by default with access to the organization’s data. In Forrester’s words, Zero Trust is “a conceptual and architectural model for how security teams should redesign networks into secure microperimeters, strengthen data security using obfuscation techniques, limit the risks associated with excessive user privileges and access, and dramatically improve security detection and response with analytics and automation.”²

If this sounds hard, it is.

To help companies implement such a model, Forrester has defined a Zero Trust eXtended (ZTX) Ecosystem Framework that includes required technologies and vendor recommendations. Forescout is named in several of these categories and is working to be recognized in others as well.

Zero Trust starts with 100-percent visibility

Forrester is emphatic on the topic of visibility in Zero Trust. According to Forrester Analyst Chase Cunningham, “Visibility is the key in defending any valuable asset. You can’t protect the invisible. The more visibility you have into your network across your business ecosystem, the better chance you have to quickly detect the telltale signs of a breach in progress and to stop it.”². In other words, partial visibility doesn’t cut it.

Forescout defines device visibility as the ability to continuously discover, classify and assess every IP-connected device that touches the extended enterprise network. Only by attaining deep visibility of ALL devices—everything from traditional servers, laptops and smartphones to IoT and OT devices, peripherals, network infrastructure, physical and virtual servers and workloads on public clouds—can you trust your asset intelligence and begin to confidently make intelligent security decisions and apply policy-based controls that Zero Trust requires.

Using real-time visibility to enforce trust

Real-time, in-depth visibility enhances every policy-based action the Forescout platform applies and other technologies it integrates. To learn more about how the Forescout platform enables Zero Trust security, check out these resources:

Among other things, these assets explain how Forescout:

Provides agentless discovery of any IP-connected device
Turns device discovery into asset intelligence
Uses continuous visibility to enforce policy-based control
Allows monitoring and visualization of communications between devices and data sources for effective segmentation mapping, planning and policy creation
Acts as a Zero Trust access broker
Works with heterogeneous switching infrastructure and next-generation firewalls to apply dynamic segmentation
Provides Zero Trust automation and orchestration capabilities among other members of the ZTX ecosystem

¹ Associated Press: https://www.apnews.com/
²The Zero Trust eXtended (ZTX) Ecosystem Strategic Plan, Forrester, January 2018.