CCCU

Week-12 Zero Trust (ZT)

Course Code: P19133

Course Name: Cybersecurity Fundamentals 

Credits: 20

Module Leader: Ali Jaddoa
CSF-19133

Today's Session

1. Zero Trust

2. Assessment-2 workshop

Challenges in the New Normal

The Evolving Threat Landscape

  • Ransomware and data breaches are increasingly sophisticated and costly.
  • Example: Average breach cost increased to $4.24 million in one year.
  • Security teams face advanced threats requiring better tools and expertise.

Complexity in Security Ecosystems

  • Enterprises use an average of 45+ security tools, leading to inefficiency.
  • Alert fatigue and disconnected systems hinder effective response.
  • Cloud and remote work have driven a 19% rise in tool requirements.

Cybersecurity Talent Shortage

  • Global shortfall of 2.72 million cybersecurity professionals.
  • Two-thirds of security teams are understaffed.
  • Talent shortages exacerbate response challenges in a complex threat landscape.

The Need for Change

  • Work has shifted to an activity rather than a location.
  • Users, apps, and data are dispersed across cloud and SaaS.
  • Traditional solutions like VPNs fail to provide sufficient security and flexibility.

What is Zero Trust Network Access (ZTNA)?

A security framework that enforces "never trust, always verify" principles to provide secure remote access.

  • Access is granted only to authenticated users and devices, based on granular policies.

What is Zero Trust Network Access (ZTNA)?

  • Key Features:

    • Ensures least-privilege access.
    • Protects sensitive data by default.
    • Prevents lateral movement and unauthorised access.
  • Importance: Adapts to modern hybrid workforces and decentralised applications, mitigating risks in an expanded attack surface.

  Two generations of ZTNA are covered next:

  1. ZTNA 1.0
  2. ZTNA 2.0

ZTNA 1.0: A Legacy Approach

  • Designed for outdated work models and threat landscapes.
  • Utilises an Access Broker to verify and grant application access.
  • Struggles to adapt to modern hybrid workforces and advanced threats.

ZTNA 1.0 Challenges

  • Grants broad access, violating the principle of least privilege.
    • Dynamic ports/IPs require granting broad access ranges.
    • Exposes more resources than intended, increasing risk.
  • Incorporates an allow-and-ignore model:
    • Behaviour can change mid-session, compromising security.
    • Modern threats exploit already-allowed activity to bypass detection.
  • Does not provide security inspection (application traffic is not inspected).

ZTNA 2.0

  • Adapts to modern hybrid workforces and cloud-based environments.
  • Overcomes limitations of ZTNA 1.0 with enhanced security features.
  • Provides granular, dynamic access control for all applications.
  • Ensures consistent security across diverse environments.

ZTNA 2.0: Fully Realising Least-Privilege Access

  • Identifies applications, users, and devices at Layer 7.
  • Provides fine-grained controls to limit access to only necessary resources.
  • Continuously gathers contextual information for better access decisions.

ZTNA 2.0: Enabling Continuous Trust Verification

  • Removes implicit trust with the principle: "Never trust, always verify."
  • Monitors user, device, and application behaviour in real time.
  • Detects changes or compromises after access is granted.
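
The contrast between the ZTNA 1.0 allow-and-ignore model and ZTNA 2.0 continuous trust verification, written as an added Python example (not from the slides or any vendor product). The policy table, the user, the application names and the device-compliance flag are constructed for illustration; access is keyed by application identity rather than by a port or IP range, as the ZTNA 2.0 slides describe.

```python
from dataclasses import dataclass, field

# Constructed least-privilege policy: one rule per (user, application),
# i.e. Layer 7 application identity, not a broad port/IP range.
POLICY = {
    ("alice", "payroll-app"): {"require_compliant_device": True},
    ("alice", "wiki"):        {"require_compliant_device": False},
}

@dataclass
class Session:
    user: str
    device_compliant: bool              # current device posture
    open_apps: set = field(default_factory=set)  # apps already granted

def allow_and_ignore(session, app):
    """ZTNA 1.0 style: verify once at connect time, then trust the session."""
    if app in session.open_apps:
        return True                     # no re-check after the initial grant
    rule = POLICY.get((session.user, app))
    if rule is None:
        return False
    if rule["require_compliant_device"] and not session.device_compliant:
        return False
    session.open_apps.add(app)
    return True

def continuous_verify(session, app):
    """ZTNA 2.0 style: re-evaluate user, device and app on every request."""
    rule = POLICY.get((session.user, app))
    if rule is None:
        return False
    if rule["require_compliant_device"] and not session.device_compliant:
        session.open_apps.discard(app)  # revoke access mid-session
        return False
    session.open_apps.add(app)
    return True

def simulate(check):
    """Device posture degrades mid-session; return both access decisions."""
    s = Session(user="alice", device_compliant=True)
    first = check(s, "payroll-app")     # request while device is compliant
    s.device_compliant = False          # posture changes after the grant
    second = check(s, "payroll-app")    # later request in the same session
    return first, second

if __name__ == "__main__":
    print("ZTNA 1.0 allow-and-ignore:", simulate(allow_and_ignore))
    print("ZTNA 2.0 continuous:", simulate(continuous_verify))
```

Run it and the 1.0 model keeps returning `True` after the device falls out of compliance, while the 2.0 model denies the later request; this is the "detects changes or compromises after access is granted" point in code.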

ZTNA 2.0: Ensuring Continuous Security Inspection

  • Inspects traffic throughout the session for advanced threats.
  • Leverages AI and machine learning for zero-day threat prevention.
  • Protects against malware and ensures compliance with policies.

ZTNA 2.0: Protecting All Data and Apps

  • Consistent data protection across all applications (custom, SaaS, cloud-native).
  • Enforces uniform data loss prevention (DLP) policies.
  • Eliminates the need for multiple point solutions, simplifying security.

Zero Trust Solutions

1. Palo Alto Networks (Prisma Access)

  • Features:
    • Direct-to-app connectivity with continuous trust verification.
    • Layer 7 application visibility, AI-driven threat detection.
  • Best For: All-in-one Zero Trust platform.
  • URL: Palo Alto Networks Prisma Access

2. Zscaler (Zscaler Zero Trust Exchange)

  • Features:
    • Cloud-native architecture, inline threat prevention.
    • Comprehensive SaaS and Internet access security.
  • Best For: Cloud migration and hybrid workforces.
  • URL: Zscaler Zero Trust Exchange

3. Microsoft (Azure Active Directory + Microsoft Defender)

  • Features:
    • Identity-based access with Conditional Access policies.
    • Continuous device compliance monitoring.
  • Best For: Organisations using Microsoft 365 or Azure.
  • URL: Microsoft Zero Trust

4. Cisco (Duo Security)

  • Features:
    • MFA, secure single sign-on (SSO).
    • Continuous endpoint health checks.
  • Best For: Small to medium-sized businesses starting Zero Trust.
  • URL: Cisco Duo Security

Lab

  1. See ZT lab here
  2. Assessment-2 Workshop
    • View your assessment-2 brief here
    • Deadline is 13th of Jan 2025