NSA Updates Zero-Trust Advice to Reduce Attack Surfaces

NSA Updates Zero-Trust Advice to Reduce Attack Surfaces

April 10, 2024 at 04:32PM

The National Security Agency has issued new guidance for implementing a zero-trust cybersecurity framework, emphasizing the prevention of unauthorized data access. Recommendations include encryption, data labeling, loss prevention strategies, and data rights management tools. These align with zero-trust concepts to counter sophisticated cyberattacks. The agency urges a proactive approach based on the assumption of inevitable breaches.

The National Security Agency (NSA) has recently released its latest guidance for organizations aiming to adopt a zero-trust cybersecurity framework. The focus is on preventing unauthorized access to data, both in transit and in storage, through measures such as encryption, tagging, labeling, data-loss prevention strategies, and data rights management tools. The NSA’s recommendations are designed to align with zero-trust frameworks to strengthen the defense capabilities of government agencies and enterprises against increasingly sophisticated cyberattacks.

The director of cybersecurity at the NSA, Dave Luber, emphasized the need for organizations to assume that breaches will occur and to implement the pillars of the zero-trust framework as a means to combat malicious cyber activity. The report emphasizes the importance of the “data pillar” and represents the NSA’s ongoing effort to develop best practices for zero-trust security, which began with the release of “Embracing a Zero Trust Security Model” in February 2021.

Additionally, the NSA’s updated guidelines highlight the distinction between macro- and microsegmentation of networks. Macrosegmentation is intended for workgroups and departments, while micro-segmentation further separates traffic to limit users’ access rights, thus reducing an organization’s attack surface.

Full Article

By proceeding you understand and give your consent that your IP address and browser information might be processed by the security plugins installed on this site.
×