With hackers breaching our nation’s critical infrastructure and security threats lurking in the enterprise, Zero Trust adoption continues to rise. According to Cybersecurity Insider’s Zero Trust Adoption Report, 78% of IT security teams plan to implement a Zero Trust model. So, thwarting threats with a Zero Trust security posture seems to be a viable option for businesses.
By Dr. Bob Baxley, CTO at Bastille Networks
But without true visibility, Zero Trust has zero chance of fully protecting an organization. Integrating and deploying Zero Trust enforces location-aware network access control policies for devices in secure environments.
The premise of the Zero Trust security model is simple enough: Organizations should not automatically trust any devices inside or outside a company’s perimeters. Instead of trusting a device’s authenticity, CISOs and IT security pros must continuously verify anything and everything that is on their network.
But as we’ve said before, “you can’t protect what you can’t see,” and unfortunately, without the right tools, radio frequency (RF) network traffic and devices are invisible.
Many organizations have overlooked RF devices in their Zero Trust security posture, resulting in a sense of misplaced trust. Today, there are new “Insider Threats” – compromised systems and user devices that have RF interfaces within an enterprise.
This includes Bluetooth and IoT devices, vendor and third-party equipment, shadow IT equipment, and industrial control systems such as HVAC. These RF devices all offer bad actors a vector to sensitive information, as it is possible to exfiltrate data over RF.
Current solutions on the market can passively observe rich RF data to discover threats and define policy for the authorized and unauthorized devices operating in or close to an organization’s environment. When integrated with an NAC such as Aruba ClearPass, this enables a complete Zero Trust policy to be maintained over all devices, whether they are already known to be using facility Wi-Fi, or radio systems beyond existing Zero Trust policies, such as Bluetooth, Cellular, and IoT devices.
Safeguarding Organizations With Zero Trust Security Posture
Here are some essential steps on how implementing a Zero Trust approach can safeguard organizations from similar attacks:
- Determining Where RF Exists: Traditional security technology is incapable of detecting devices operating within the RF spectrum. Knowing which devices are communicating and attached to your organization’s infrastructure is critical in protecting against a cyber pitfall.
- Evaluating RF Solutions: When assessing RF technology, CISOs and IT teams must examine solutions that will counteract radio-borne attacks on their facilities, intellectual property, trade secrets and sensitive data. Adopting RF technology is all the more necessary for the government sector. Their data and devices are very critical from a national security viewpoint. Thus, detecting devices in real time from the realms of known and unknown threat landscapes is crucial.
- Embracing Zero Trust: As with endpoints and network traffic, in order to have a Zero Trust posture, you must have tools in place to continuously monitor and evaluate whether RF devices are conforming to your security policies. Policy examples include preventing RF devices from operating in restricted areas, ensuring that RF devices only connect with intended and approved devices, and detecting the existence of unauthorized or rogue devices in your enterprise.
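The three policy examples in the last step can be written as checks applied to every RF observation. The sketch below is an added illustration, not code from the article or from any product it mentions; the observation schema, zone names, policy tables and device addresses are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Observation:
    """One passive RF sighting (hypothetical schema, constructed for this example)."""
    device_id: str        # emitter address, e.g. a Bluetooth or Wi-Fi MAC
    protocol: str         # "wifi", "bluetooth", "cellular", ...
    zone: str             # area where the emitter was located
    peer: Optional[str]   # device it is connected to, if any

# Hypothetical policy data; in practice this would come from inventory or the NAC.
AUTHORIZED = {"aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "aa:aa:aa:00:00:03"}
RESTRICTED_ZONES = {"datacenter": {"bluetooth", "cellular"}}  # protocols barred per zone
APPROVED_PEERS = {"aa:aa:aa:00:00:02": {"aa:aa:aa:00:00:03"}}  # default deny otherwise

def evaluate(obs: Observation) -> list[str]:
    """Return the policy violations raised by a single observation."""
    findings = []
    if obs.device_id not in AUTHORIZED:
        findings.append("unauthorized_device")      # rogue or unknown emitter
    if obs.protocol in RESTRICTED_ZONES.get(obs.zone, set()):
        findings.append("restricted_zone")          # RF use where it is barred
    if obs.peer is not None and obs.peer not in APPROVED_PEERS.get(obs.device_id, set()):
        findings.append("unapproved_peer")          # connection outside the allowlist
    return findings

def audit(observations):
    """Aggregate violations per device across a stream of observations."""
    report = {}
    for obs in observations:
        findings = evaluate(obs)
        if findings:
            report.setdefault(obs.device_id, set()).update(findings)
    return report

# Constructed sample sightings, not real capture data.
SAMPLE = [
    Observation("aa:aa:aa:00:00:01", "wifi", "office", None),
    Observation("aa:aa:aa:00:00:02", "bluetooth", "office", "aa:aa:aa:00:00:03"),
    Observation("aa:aa:aa:00:00:02", "bluetooth", "datacenter", "aa:aa:aa:00:00:03"),
    Observation("aa:aa:aa:00:00:03", "bluetooth", "office", "de:ad:be:ef:00:01"),
    Observation("de:ad:be:ef:00:01", "bluetooth", "office", "aa:aa:aa:00:00:03"),
]

if __name__ == "__main__":
    for device, findings in sorted(audit(SAMPLE).items()):
        print(device, sorted(findings))
```

Because the peer check is default deny, an authorized device with no allowlist entry is still flagged the moment it connects to anything, which matches the continuous-verification stance described above.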
Establishing a Zero Trust security posture equips organizations and critical infrastructures to mitigate cyber attackers looking to compromise vulnerable RF devices. In today’s remote-focused world, it’s critical for organizations to embrace a Zero Trust security approach to secure operations and improve safety and accessibility from rogue access.
The bottom line: To maintain a Zero Trust posture, organizations MUST have RF network and device visibility.
About the Author
For more than a decade, Dr. Bob Baxley has been a technology leader in implementing machine learning algorithms for software-defined and cognitive radios. At Bastille, Bob serves as Chief Technology Officer, where he leads the development of systems to sift through massive amounts of radio frequency data to protect enterprises from radio threats. Prior to joining Bastille, Bob was the Director of the Software Defined Radio Lab at Georgia Tech, where he led basic and applied research projects for organizations including NSF, ONR, Army, DoD, Air Force, and DARPA. He has published more than 100 peer-reviewed papers and patents, is the recipient of various research awards, and is a Senior Member of the IEEE. He also led the GTRI team that competed in the DARPA Spectrum Challenge and placed second out of 90 teams.
Disclaimer
This article has been researched and written by the said author, and CISO MAG does not take any responsibility for the facts, figures, and content. The views expressed are purely the Author’s, and CISO MAG does not endorse or take responsibility for them.