I will expand each concept over weekends, starting with an introduction and then covering advanced concepts.
Zero Trust - High level overview
What is Zero Trust ("ZT")?
Imagine you are responsible for cyber security. Assume that users, applications and the network have already been breached; your challenge is to protect the remaining users, applications and parts of the network. This is where the ZT model plays a role: it requires constant verification of the authorisation to access resources, and it builds on a framework of the least privilege necessary for regular use. Read the in-depth introduction for the nuances of the different terms, e.g. ZT Model, ZT Architecture, ZT Network.
"Trust, but verify."
– Comments from the Reagan-Gorbachev summit
The cyber attack surface and threats are increasing and cyber criminals leverage one breach of users, applications or networks to compromise other resources.
For example, if you make the mistake of opening an attachment containing a virus, the damage should not go beyond your own machine.
Another example: if one of your employees is an associate of a cyber crime gang (yes, that happens), you do not want them to be able to steal your information.
"Every ransomware attack would hurt much less with ZTA. Same as the difference between a knock-out punch and a kiss."
– Santosh Pandit
How to implement ZT?
The ZT model requires strong authentication and authorization, and verification that access to networks, information and resources is limited to the least privilege needed.
What are the advantages of ZT?
A ZT framework limits the damage from the spread of ransomware and from data theft, and prohibits unauthorised access to resources.
What are the disadvantages of ZT?
A practical implementation of the ZT model requires cyber threat intelligence, skilled professionals (who are not cheap) and a cybersecurity culture.
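The per-request checking described above, as an added example that is not part of the original page or of Zero Trust Plus: every request is evaluated afresh against a short-lived, device-bound credential and a least-privilege grant table, so a credential stolen from one breached machine buys the attacker nothing elsewhere and expires quickly. All identities, resources and grants here are constructed for illustration.

```python
# Added example, not the page's own code: a per-request Zero Trust check that
# combines short-lived, device-bound credentials with least-privilege grants.
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    subject: str     # authenticated identity (constructed, e.g. "alice")
    device: str      # the attested device the token was issued to
    issued_at: float # epoch seconds
    ttl: int         # validity in seconds; deliberately short


# Least-privilege grants: (subject, resource) -> allowed actions.
# Anything not listed is denied; network location never grants access.
GRANTS = {
    ("alice", "hr-db"): {"read"},
    ("alice", "wiki"): {"read", "write"},
    ("bob", "wiki"): {"read"},
}


def authorize(token, device, resource, action, now=None):
    """Evaluate ONE request. Earlier successful requests grant nothing."""
    now = time.time() if now is None else now
    if not (token.issued_at <= now < token.issued_at + token.ttl):
        return False, "token expired or not yet valid"
    if device != token.device:
        return False, "token presented from a device it was not issued to"
    allowed = GRANTS.get((token.subject, resource), set())
    if action not in allowed:
        return False, f"{token.subject} has no '{action}' grant on {resource}"
    return True, "ok"


def reachable(token, device, now):
    """Blast radius: every (resource, action) the holder can reach right now."""
    return {
        (resource, action)
        for (subject, resource), actions in GRANTS.items()
        for action in actions
        if authorize(token, device, resource, action, now)[0]
    }


if __name__ == "__main__":
    tok = Token("alice", "laptop-1", issued_at=1000.0, ttl=300)
    # Replayed from a different (breached-then-pivoting) host: denied.
    print(authorize(tok, "attacker-box", "hr-db", "read", now=1100.0))
    # Same host, but exceeding the least-privilege grant: denied.
    print(authorize(tok, "laptop-1", "hr-db", "write", now=1100.0))
    # After the TTL the stolen token is worthless even on the right host.
    print(reachable(tok, "laptop-1", now=1300.0))
```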
Zero Trust Plus - High level overview
About Zero Trust Plus ("ZTP")
ZTP is an academic proof of concept that implements the ZT Model and leads research on the TTPs used by sophisticated cyber criminals.
ZTP - What is the concept?
ZTP extends the ZT Model to the supply chain ecosystem and keeps pace with the evolution of the TTPs used by sophisticated threat actors.
ZTP - Why is it needed?
ZT is becoming a fashion and risks abuse by vendors and CISOs. Ongoing research helps to establish the effectiveness of the ZT Model.
ZTP - What makes it successful?
The only way to be resilient to cyber crime is to think like a criminal, be aware of the latest TTPs used by sophisticated hackers, and deploy the trio of reactive, proactive and aggressive cyber defence.
ZTP - Current Research Topics
I am currently working on the following applied research topics.
(1) "ZT implementation using an automated dual-band mutual authentication with ultra-short validity periods."
(2) "Real-time reconciliation of users and applications authorized access to resources under ZT."
(3) "Essential features for a hypermodern Security Operations Centre in a ZT Model."
(4) "ZT and Confidential Computing - What do we do with the bloody AES!"
(5) "ZT and Quantum Safe Computing - The backdoor paranoia"
About me, BeatQuantum and Zero Trust Plus
My name is Santosh Pandit and I am based in London. In my personal time, I do a lot of cybersecurity research. I have a day job too; but my research is not connected to my employer.
In 2020 I founded BeatQuantum Labs, which successfully withstood serious cybersecurity attacks. It was fun and a lot of friends enjoyed my servers. The remaining BeatQuantum servers will be phased out over the next 18 months.
In 2021 I founded Zero Trust Plus, which is still under development.