AppGate Blog: Software-Defined Perimeter

Written by Daniel Brody on January 26, 2019

Applying Zero Trust Outside the Wire

The most effective security strategies start with the assumption that your organization has already been attacked.

Zero Trust is a foundational method for protecting today’s distributed, cloud-enabled, and mobile IT landscape. Under Zero Trust, it is assumed that attackers have already penetrated the perimeter to steal sensitive data; accordingly, legitimate users can only access the resources they need within a network and are prohibited from moving laterally unless otherwise verified. Zero Trust-based security architectures such as Software-Defined Perimeters are essential for protecting sensitive assets inside the wire, but are they enough?

Inside, Outside, All Around the Wire

In today’s digitally connected world, the perimeter is not the only place a breach can occur. In fact, adversaries can cause damage without ever getting near a network. Social media, websites, blogs, mobile applications, and countless other external digital elements are vulnerable to social engineering attacks such as phishing. Increasingly, threats outside the wire are the first step adversaries take to get themselves inside a network, making it clear that Zero Trust must also apply to resources your organization accesses outside the increasingly amorphous perimeter.

Not surprisingly, threats coming from outside the perimeter require a different strategy than those within your network. Regardless of the vector, your decentralized and far-reaching external digital footprint is considerably less controllable than your locked-down, airtight network, meaning it is more vulnerable to cybercriminals looking for personal gain. These attacks take many forms: brand impersonation; tricking employees and customers into disclosing sensitive information; impersonating employees for the purpose of deceiving colleagues into taking action on behalf of a cybercriminal; or manipulating external-facing online properties to deliver malware or extract data.

The Three Elements of Zero Trust

Enter Zero Trust, a mindset to help your organization protect itself from outside threats. A recent Forrester report, “Zero Trust Outside the Wire: Combatting Cyber Influence and Espionage Threats,” provides a great primer on tactics and technology for implementing a Zero Trust strategy to protect against external attacks. Forrester calls this approach “Digital Risk Protection,” and it contains three essential elements:

  • Complete digital footprint mapping: The first step to knowing what doesn’t belong online is knowing what does. You can never assume that the extent of your online digital assets is simply what your organization has placed there. Take inventory of your organization’s online presence and develop solid criteria to instantly know what doesn’t belong and should be flagged as risky.
  • Monitoring online channels for attack indicators: Never assume that the elements making up your digital footprint are secure unless you can prove it. You must constantly identify and monitor every social media page and post, mobile application, website, email or mention—especially when your organization didn’t create it—for signs an attack may be underway.
  • Rapid mitigation of identified threats: Attacks are most effective right after launch, so the quicker they are removed, the less chance any of your employees or customers have of being victimized. Automating as much of the mitigation process as possible can make it even faster, so threats are eliminated before your organization is aware they exist.

Effective Digital Risk Protection helps organizations to apply the same Zero Trust principles that prevent threats from spreading inside the wire to those outside it. Through rapid detection and remediation of social engineering attacks on the digital footprint, risk exposure of these channels is greatly reduced, and organizations can continue to fully leverage them without worrying that they are enabling breaches and phishing.