Embracing identity-centric zero trust: A glimpse into the future of the modern cyber security perimeter

Michael de Neuilly Rice, Cybersecurity Architect, NEC XON.

---

In the fluid cyber security landscape, the focus has shifted from fortifying network perimeters to acknowledging the critical role of identity and user authentication. Threat actors no longer exploit vulnerabilities, they log in using legitimate credentials. This paradigm shift calls for innovative security approaches. One approach gaining prominence is identity-centric zero trust.

The rise of a flourishing black market on the Dark Web has democratised cyber crime, making it accessible to a broader spectrum of individuals. Cyber crime as a service organisations, coupled with user-friendly tools, have lowered the barrier to entry, allowing anyone with compromised identities to become a successful hacker.

Microsoft's "Evolving Zero Trust" white paper defines core principles for a successful zero trust strategy:

• Verify explicitly: Make security decisions using all available data points, including identity, location, device health, resource, data classification and anomalies.
• Use least privilege access: Limit access with just-in-time and just-enough-access (JIT/JEA) and risk-based adaptive policies.
• Assume breach: Minimise blast radius with micro-segmentation, end-to-end encryption, continuous monitoring and automated threat detection and response.

Identity-centric zero trust builds on zero trust principles, making user identity the new perimeter. Strict controls and continuous authentication mechanisms ensure that only authorised entities gain access to sensitive resources.

• Adaptive authentication – behavioural analysis: Implement advanced authentication methods that analyse user behaviour to detect anomalies, ensuring access is granted only to legitimate users.
• Multi-factor authentication (MFA) – enhanced security layers: Integrate MFA protocols, focusing on passwordless and phishing-resistant methods like Windows Hello for Business and FIDO2 keys. Extending MFA to all sections of the organisation is vital to sustain the identity-centric approach.
• Policy-based access control – Dynamic policies: Implement granular access control policies adapting based on contextual factors, such as user location, device health, compliance and time of access.
• ITDR (identity threat detection and response): ITDR aims to reduce the time it takes to identify and respond to threats by combining information from all identity sources. Automated attack disruption stops identity attacks and lateral movement activities using compromised credentials, delivering consistent protection for human and non-human identities.

As organisations embrace cloud-based services, remote work and diverse devices, the traditional network perimeter becomes obsolete. Identity-centric zero trust, fortified by zero trust architecture, represents the future of cyber security. By placing identity at the forefront, organisations can adapt to the dynamic nature of modern business environments, proactively protecting assets and maintaining data integrity. In a digital landscape characterised by complexity and rapid evolution, identity-centric zero trust stands as a beacon guiding organisations towards a secure and adaptive future.