Zero Trust: 3 questions for ... Genua

Andrea Gillhuber

The use case determines the security

Zero Trust concepts differ, and which one is right is decided by the use case. IT security researcher Steffen Ullrich from Genua warns against starting an implementation without concrete goals.

© Genua

Steffen Ullrich is an IT security researcher and Technology Fellow at the Munich-based security specialist Genua.

What consequences does the Zero Trust approach have for the architecture and organization of network security?

Ullrich: The traditional network-based security approach relies on sufficient basic security by controlling all devices in the network, combined with strong controls and restrictions at the network perimeter (network boundary). However, the increasing complexity and networking as well as the external management of infrastructure, devices and software lead to an increasing loss of control over the operator's own network, while at the same time increasing demands are placed on the availability, reliability and security of the systems.

The service-centric approach of Zero Trust Networking, on the other hand, focuses on the security aspects required for the respective service, i.e. controlling who can access a service from which devices and from which environments, as well as securing communication to the service. This allows the attack surface to be proactively reduced with a high level of granularity. This is accompanied by alignment with business processes (services) and organizational structures (identities), which offers a simpler, more comprehensible and more flexible harmonization of operational requirements and security.

What special challenges does Zero Trust pose for OT environments in particular?

Ullrich: OT environments are generally much more mission-critical than IT environments. Accordingly, there is a great deal of caution when making changes. This is reflected in a low rate of change and therefore also in the age of the devices and software used. As a result, the software often dates back to a time when cyber security was only given a low priority in development. The attack surface is correspondingly high.

In the course of digitalization, however, the networking of older systems is also desirable. Due to the large attack surface, simply connecting these systems to an existing network poses a threat to both the systems themselves and the entire network. Zero Trust Networking allows a fine-grained and restrictive integration and thus offers a helpful mitigation for the low self-protection of the systems. For example, our remote maintenance solution genubox makes it possible to make a single system or individual services granularly accessible to an authenticated remote maintainer without risking an attack on other systems in the network.

In addition to such a dedicated connection of individual systems to the outside world, secure integration of devices into local networks is often desired. The concept of zero-trust-based microsegmentation offers the granular control required for this. It even allows transparent hardening of existing networks. Let me describe this using the example of our cognitix Threat Defender. This is inserted into an existing network without having to make any changes to the end devices. Initially, the Threat Defender analyzes the communication paths within the network and out of the network. In the next step, these paths can be proactively restricted to the desired communication. This remaining permitted communication can then be additionally monitored for known attack patterns and any suspicious systems can be automatically isolated or restricted in their communication.
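The three-step sequence described above (learn the communication paths, restrict them to what is wanted, then monitor what remains and isolate suspicious hosts) can be sketched in a few dozen lines. The following is an added example written for this page; it is not code from the interview and does not reflect how the cognitix Threat Defender is actually implemented. All addresses, ports, the scan-detection rule and the isolation threshold are constructed assumptions.

```python
# Added example, not code from the original page or from genua: a toy
# "learn, then restrict, then monitor" microsegmentation policy, the sequence
# the interview describes. All addresses, ports and thresholds are constructed.
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """One observed connection attempt, reduced to the fields that matter here."""
    src: str
    dst: str
    dport: int
    proto: str = "tcp"


# Phase 1 (analyze): flows seen during a learning window on the constructed OT network.
LEARNED_FLOWS = [
    Flow("10.0.1.10", "10.0.2.20", 502),        # HMI -> PLC, Modbus/TCP
    Flow("10.0.1.10", "10.0.2.21", 502),        # HMI -> second PLC
    Flow("10.0.3.5", "10.0.2.20", 44818),       # engineering workstation -> PLC, EtherNet/IP
    Flow("10.0.1.10", "10.0.9.1", 53, "udp"),   # HMI -> DNS (pruned by the operator below)
    Flow("10.0.1.10", "10.0.9.1", 53, "udp"),   # duplicate observation, collapses in the set
]


def summarize_paths(flows):
    """Group learned paths by destination so an operator can review them."""
    paths = defaultdict(set)
    for f in flows:
        paths[f.dst].add((f.src, f.dport, f.proto))
    return {dst: sorted(peers) for dst, peers in paths.items()}


class SegmentationPolicy:
    """Default-deny allowlist derived from learned paths, with automatic isolation."""

    def __init__(self, learned, isolate_after=3):
        self.allowed = set(learned)               # learned paths become the allowlist
        self.isolated = set()                     # sources cut off entirely
        self.denied_targets = defaultdict(set)    # src -> distinct (dst, dport) it was denied
        self.isolate_after = isolate_after        # distinct denied targets before isolation

    def restrict(self, unwanted):
        """Phase 2 (restrict): the operator removes learned paths that should not exist."""
        self.allowed -= set(unwanted)

    def evaluate(self, flow):
        """Phase 3 (monitor/enforce): returns 'allow', 'deny' or 'isolated'.

        A source that probes several unexpected targets (a simple scan pattern,
        assumed here as the 'known attack pattern') is isolated; after that even
        its previously allowed paths are blocked.
        """
        if flow.src in self.isolated:
            return "isolated"
        if flow in self.allowed:
            return "allow"
        self.denied_targets[flow.src].add((flow.dst, flow.dport))
        if len(self.denied_targets[flow.src]) >= self.isolate_after:
            self.isolated.add(flow.src)
            return "isolated"
        return "deny"


def run_demo():
    """Walk through the three phases; returns the decisions for constructed test traffic."""
    policy = SegmentationPolicy(LEARNED_FLOWS, isolate_after=3)
    # The operator decides the HMI has no business talking to DNS.
    policy.restrict([Flow("10.0.1.10", "10.0.9.1", 53, "udp")])
    traffic = [
        Flow("10.0.1.10", "10.0.2.20", 502),       # normal HMI -> PLC poll: allow
        Flow("10.0.1.10", "10.0.9.1", 53, "udp"),  # pruned path: deny (1st unexpected target)
        Flow("10.0.1.10", "10.0.2.20", 22),        # HMI starts probing the PLC: deny (2nd)
        Flow("10.0.1.10", "10.0.2.20", 23),        # 3rd distinct unexpected target: isolated
        Flow("10.0.1.10", "10.0.2.20", 502),       # allowed path, but the source is now isolated
        Flow("10.0.3.5", "10.0.2.20", 44818),      # other hosts are unaffected: allow
    ]
    return [policy.evaluate(f) for f in traffic]


if __name__ == "__main__":
    for dst, peers in summarize_paths(LEARNED_FLOWS).items():
        print(dst, peers)
    print(run_demo())
```

The point a practitioner should take from this is the ordering: the allowlist is derived from observed traffic, so it is only as clean as the learning window, which is why the explicit `restrict` step sits between learning and enforcement. In a real deployment the isolation rule would also need a way back (operator review, time-based release), otherwise a misclassified HMI stays cut off from its PLCs.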

What should companies bear in mind when implementing a Zero Trust architecture?

Ullrich: As with all major changes, it is necessary to first understand the current situation sufficiently and derive specific goals for improvements. Which specific zero trust concept is then used depends on the specific use cases and the requirements for scalability, transparency and interaction with legacy applications.

The software-defined perimeter concept is suitable for dedicated external access to an internal system or service, e.g. for remote maintenance. It is also suitable for internal device access to cloud services, although in the case of web-based access, zero-trust concepts such as BeyondCorp or BeyondProd are potentially simpler and more scalable. Micro-segmentation, on the other hand, is well suited to the subsequent transparent hardening of existing networks. It is possible to gradually introduce Zero Trust into a network. And depending on the use case, several implementation concepts can also be mixed. This can also be used to achieve a so-called defense in depth by overlaying several security layers.

Genua at SPS 2021: Hall 6, Stand 151
