Zero TrustStarted in April 2022
Zero Trust (ZT) is neither a technical solution nor a service, but rather a different way of working. Hence, ZT represents a “natural evolution” across all industries, and all company sizes, of how security should be done. One of the objectives of the PCSI ZT project is to chart a "transition model" that PCSI partners can use to make their shift to ZT not only possible, but complete and true.
ZT is all about making dynamic informed decisions in a constantly changing world based on all the layers of protection an organization already has to prevent unauthorized or unexpected activities. This can be a game-changer. It future-proofs organizations against not yet known threats and attacks. Whenever detected behavior or attributes diverge from what is expected, ZT provides the system with real-time reactive prevention capabilities. For example an attacker’s behavior diverging from the behavior of a normal user will be detected and stopped by terminating the access of the attacker.
While ideas of what ZT should be have been introduced over a decade ago by the Jericho group1, the realization of such an approach has never been more out of reach due to the wild diversity of how organizations implement their technical infrastructure and their security countermeasures. We think that a vendor-agnostic ZT approach is required for ZT to finally really happen, and we intend to make this possible by demonstrating how a ZT orchestration layer should work.
Most vendors claim to provide such a ZT orchestration layer within their products, although these products do not interact well (or at all!) with technologies and/or products outside the scope of their direct commercial interests. Our innovative idea aims to solve this market issue by providing the PCSI partners with an orchestration layer for ZT, built from existing tooling, that properly meets the requirements in terms of agnosticism, both technical and commercial.
All PCSI partners have been actively looking at ZT for some time and consider the transition to it as a step forward in their security strategies. Identifying the requirements for ZT and how to fulfil them has been at the forefront of our project. Now we are joining forces to create the one ZT enabler that is still missing.
Activities in the Explore phase
Within the double Explore phase this project came to the informed conclusion that the orchestration layer at the top of the ZT list of required enablers is a crucial “building block” that everyone misses to proceed forward in their respective ZT implementation roadmaps.
Activities in the POC phase
We intend to create a Proof of Concept for a zero-trust orchestrator that can make dynamic and informed decisions based on trustworthiness to prevent unauthorized or unexpected activities. At the end of the POC phase we want to provide the PCSI partners with tools that form a starting ground for the implementation of a ZT architecture.
This project is part of the trend