7th principle: collect as much information as possible and use it to improve the security posture

“You can’t manage what you can’t measure”

is a quote often attributed to Peter F. Drucker. The quote implies that without a clearly established metric for success, you cannot quantify progress and manage your process to produce the desired outcome.

As we know from the six principles already described in my previous posts the Zero Trust approach has to consider all critical data, applications, assets and services while defining the protect surface and its trust model and during operation once ZTA is implemented. Thus, the enterprise collects as much information as possible about the current state of assets, network infrastructure and communications and uses it to improve its security posture.

An enterprise should collect data about asset security posture, network traffic and access requests, process and evaluate that data continuously, and use any insight gained to improve policy creation and enforcement. In Zero Trust, there is no “unknown traffic.” If you don’t know what the traffic is, it shouldn’t be allowed to access the protect surface (see tenet 2 “default to deny”). Unknown traffic validates that the trust model is broken and needs to be repaired.

In my next posts I shall describe a step-by-step procedure for implementing ZTA, stay tuned.

#security #securityengineering #itsecurity #zerotrust #cybersecurity #securityconsulting #achelos