The Future Is Here, in Zero Trust We Trust


Our world is changing dramatically. Technology has unleashed great progress and opportunities, but also unprecedented risks and danger. With the exponential expansion of data and devices driven by the Internet of Things, the speed of connections enabled by 5G networks, and the rise of automation from artificial intelligence, the attack surface for cyber threats is on a growth curve that is unimaginable.

And it’s not just about the size of our threat environment. It’s about what can happen. We now have nation states acting aggressively and with impunity, targeting government, private industry and vital infrastructure, such as our energy grids. We have situations where they are sponsoring potentially untrustworthy third parties – criminal organizations, “patriotic” hackers, “research organizations” – to do their bidding. We have a complex world in which we are still coming to grips with defining the rules for the next generation of cyber warfare.

As a retired U.S. Army Major General, I believe it is not a stretch to discuss cybersecurity as a matter of life and death, literally. It’s no longer about protecting our networks; now it’s about devices that control cars, control aircraft, provide energy, support nuclear power plants. Devices that control our health – pacemakers, for example.

Lord only knows what we’re going to connect in this environment and some of it is going to be life-threatening, on an individual scale and on a global scale with our transportation, military and other networks and operational systems.

We are at a critical crossroads in our approach toward cybersecurity. It is far more difficult to ensure consistent visibility and security controls across all the varied, diffuse, and evolving environments of mobile, virtual and cloud.

That’s why we need Zero Trust.

Zero Trust Is a Necessity

In this new world, cybersecurity leaders are realizing that the old ways of doing things are no longer working and we need something new. In searching for new models, it is important to remember that the attack methods are pretty much the same as they have always been, the so-called seven-step kill chain of an attack: reconnaissance, weaponization, delivery, exploitation, installation, command and control, and action/execution.

If you understand those steps and have the ability to see and stop a threat at any point along the cyberattack process, then you’ve got an advantage. Your adversaries have to be successful at every step of the way; you only have to stop them at one or more points along the way. That used to be relatively easy to do, although we didn’t always do it very well. Now, with cloud, mobility and virtualization, it is much more challenging.

The old model of approaching defense from the outside-in no longer works. You have to defend from the inside-out, and, to me, that is one of the concepts that makes Zero Trust a necessity.

A Breach Widely Remembered

Every organization needs to understand where its priorities are, where and what are its crown jewels. In the military we call this “cyber key terrain.” These are the functions the military relies on to do its most important missions. We map that to our networks, systems, data and people.

It’s analogous to what we call the “protect surface” in a Zero Trust environment—identifying what needs to be protected and where it is located. When people ask me to describe Zero Trust, I usually tell them this:

In today’s cybersecurity world, you have to have a mechanism whereby only authorized users are allowed to do authorized functions using authorized applications with authorized content on authorized devices. Everything else is not allowed unless it’s by exception. If you have that level of granular control around your crown jewels you are able to manage risk much more effectively.
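As an added example that is not part of this post and not Palo Alto Networks' own code, the rule above can be written down as a small default-deny policy engine: every request is described along the five dimensions named in the text (user, function, application, content, device), an explicit allow rule must match all five, a by-exception allowance is tied to one exact request and is both approved and time-bounded, and anything else is denied and recorded. The user names, the "grid-telemetry" crown jewel, the device identities and the sample policy are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Request:
    """One access attempt, described along the five dimensions in the text."""
    user: str
    function: str       # what the user wants to do, e.g. "read" or "write"
    application: str    # the application used to do it
    content: str        # label of the data or resource being touched
    device: str         # device identity (assumed to come from an MDM/EDR attestation)


@dataclass(frozen=True)
class AllowRule:
    """Explicit allow: every dimension must match; "*" in a set matches anything."""
    users: frozenset
    functions: frozenset
    applications: frozenset
    content: frozenset
    devices: frozenset

    def matches(self, req: Request) -> bool:
        pairs = (
            (req.user, self.users),
            (req.function, self.functions),
            (req.application, self.applications),
            (req.content, self.content),
            (req.device, self.devices),
        )
        return all(value in allowed or "*" in allowed for value, allowed in pairs)


@dataclass(frozen=True)
class ApprovedException:
    """A by-exception allowance for one exact request, approved and time-bounded."""
    request: Request
    approved_by: str
    expires: datetime


class ZeroTrustPolicy:
    """Default-deny engine: a request is allowed only by explicit rule or live exception."""

    def __init__(self, rules, exceptions=()):
        self.rules = list(rules)
        self.exceptions = list(exceptions)
        self.audit = []   # every decision is recorded, allow and deny alike

    def decide(self, req: Request, now: datetime) -> tuple:
        for rule in self.rules:
            if rule.matches(req):
                return self._record(req, "allow", "matched allow rule")
        for ex in self.exceptions:
            if ex.request == req and now < ex.expires:
                return self._record(req, "allow", f"exception approved by {ex.approved_by}")
        return self._record(req, "deny", "no rule or live exception (default deny)")

    def _record(self, req, decision, reason):
        self.audit.append((req, decision, reason))
        return decision, reason


def build_sample_policy(now: datetime) -> ZeroTrustPolicy:
    """Constructed policy protecting one crown-jewel resource, 'grid-telemetry'."""
    rule = AllowRule(
        users=frozenset({"ops-alice"}),
        functions=frozenset({"read"}),
        applications=frozenset({"scada-console"}),
        content=frozenset({"grid-telemetry"}),
        devices=frozenset({"managed-laptop-01"}),
    )
    # Exception: alice may also read from a second managed device, for 8 hours only.
    exc = ApprovedException(
        request=Request("ops-alice", "read", "scada-console", "grid-telemetry", "managed-laptop-02"),
        approved_by="ciso-on-call",
        expires=now + timedelta(hours=8),
    )
    return ZeroTrustPolicy([rule], [exc])


def evaluate_samples(now: datetime = datetime(2024, 1, 1, 12, tzinfo=timezone.utc)) -> dict:
    """Run constructed requests through the policy; returns case name -> decision."""
    policy = build_sample_policy(now)
    base = dict(user="ops-alice", function="read", application="scada-console",
                content="grid-telemetry", device="managed-laptop-01")
    cases = {
        "all_five_authorized": Request(**base),
        "wrong_application": Request(**{**base, "application": "web-browser"}),
        "wrong_function": Request(**{**base, "function": "write"}),
        "wrong_user": Request(**{**base, "user": "contractor-bob"}),
        "wrong_device": Request(**{**base, "device": "personal-phone"}),
        "exception_device": Request(**{**base, "device": "managed-laptop-02"}),
    }
    results = {name: policy.decide(req, now)[0] for name, req in cases.items()}
    # The same excepted request after the exception lapses falls back to default deny.
    results["exception_expired"] = policy.decide(
        cases["exception_device"], now + timedelta(hours=9))[0]
    return results


if __name__ == "__main__":
    for name, decision in evaluate_samples().items():
        print(f"{name:22} -> {decision}")
```

Changing any one of the five dimensions flips the decision to deny, which is the granular control the text describes; the exception path is the only other way to an allow, and it carries an approver and an expiry so that "by exception" never quietly becomes permanent. Keeping the audit list for denies as well as allows is what lets a defender see a threat moving along the kill chain rather than only the successes.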

I first became a believer in the concept of Zero Trust back in 2008. I had just become a one-star general and my first assignment was to a joint task force that was responsible for directing the operations and defense of all the networks within the Department of Defense. Within two months, I got a call, on a weekend of course, to come in to use a secure phone. I knew it was something big…and bad.

That was when we launched Operation Buckshot Yankee to defend against what has been widely described as the worst breach of military computers in history. I put a cot in my office and stayed for months. We found the breach, limited it and put it to sleep. If any of our classified information had gotten out, it could have undermined the security of our entire military.

But because the breach was contained from the inside, we could verify that nothing got out. All of the connection points between our sensitive networks and the internet were essentially blocked – by design – so it gave us a high degree of confidence that nothing got out.

‘Never Trust, Always Verify’

With Zero Trust, enterprise organizations can now achieve that same high level of confidence by taking a similar inside-out approach to cybersecurity.

Adversaries may be able to get in, but with the right cybersecurity approach – whether we are talking about Operation Buckshot Yankee or Zero Trust – it will be exponentially more difficult for them to be successful and get out.

You can’t stop the steps in an attack process because they are going to happen. And people on the inside are going to make mistakes; they are going to click on the wrong links, they are not going to stay up to date on security patches, they are going to do something for either innocent or guilty reasons.

You have to assume people are going to do the wrong things, and therefore your view of what you put in place to stop threats has to be consistent and continuous across the environment.

We may not know where the next attack is coming from, who is behind it, or how big it’s going to be — but we must know that we have the mechanisms in place to make sure we can stop it in its tracks before it moves too far along the cyberattack process.

That’s why Zero Trust is so critical to cybersecurity success. In the world we live in, the stakes for cybersecurity have never been higher. As the Zero Trust motto goes: “Never trust, always verify.”

Retired U.S. Army Major General John Davis is the Vice President and Federal Chief Security Officer for Palo Alto Networks.