September 15, 2021

Creating Zero-Trust Security Architecture

Written by Garrett Williams, Senior OT Security Consultant


What is Zero-Trust Security?

Zero-trust is the practice of shrinking the cybersecurity perimeter and eliminating inherent trust in your environment. The focus is on using technology and up-to-date methodologies as tools to get security as close as possible to each individual asset or components within a control system.

For example, instead of a security zone being the entire manufacturing plant, specific HMIs and historians are grouped together to minimize the attack surface that a security team needs to manage. Between each grouping may be virtual networking divisions, physical devices or other mechanisms that allow for alerting and monitoring centrally.

Security solutions must be dynamic to keep up with modern threats – that is the only way to ensure your overall architecture has strong foundations to handle the security required for ongoing operations. With Industrial Control Systems (ICS), that means preventing unauthorized and unwanted access to operational technology (OT) that could have caused a disruption in the availability of services. The Zero-Trust model utilizes strong cybersecurity tools and methodologies to create an environment that is inherently secure as opposed to being inherently available.

So, where do you start? Every cybersecurity-related vendor now utilizes the buzzwords ‘zero- trust security’ and ‘false claims’ to sell the full package solution, but most products only add and strengthen the bricks within one or more pillars that complete your cybersecurity architecture. To create a truly secure environment, you’ll need a partner who can help develop the bigger picture.

Developing the “Bigger Picture”

To build a strong cybersecurity program, there are a number of cornerstone methodologies – or “pillars” – that can be implemented. Below are the most fundamental of these pillars:

Strong Asset Management:

Having an asset inventory is critical for security; it is the basis for most methodologies. Security requires a few different components to allow it to function at its best. When deciding what these pieces are, you should ask yourself questions such as:  What are we protecting? How much is it worth? Where is it? These questions must be addressed on a continuous basis in order to have strong asset management within an organization.

Some examples of assets are computerized equipment, generated data, software and/or applications, and even services. Assets should be ranked or prioritized. A common practice for control systems is doing a crown jewel analysis, which are devices and processes most critical for operation.

Least Privilege

Least privilege is giving the absolute minimal amount of access to resources necessary to do one’s job. An organization needs to define roles and the specific responsibilities that fall under each role. Only then can you create strong policies that restrict the appropriate access to resources during the appropriate time.

Dynamic IAM MFA

Multi-factor authentication (MFA) successfully defeats most password guessing and credential hijacking attacks. However, MFA by itself is not insurmountable. We are constantly creating and strategizing new ways to authenticate rightful users to the resources they need to do their jobs. Flexibility is required with security tool and technique selection.

The strongest and most effective way of authenticating users and devices is by combining multiple methods to create one strong policy. Identity Management can be very arduous and granular – it is paramount to understand how your organization defines and validates identities, as well as represents those identities digitally within your environment. Remember, the goal is strong discriminative authentication policies that do not inconvenience operations.

Build defensible networks with segmentation plus monitoring

Group and separate your network based on asset attributions, how they transact with each other, and their value to the business. The point in which one security zone interacts with any other should be digitally monitored. Monitoring is set up and networks are separated using virtual networking solutions or hardware solutions such as firewalls and unidirectional gateways.

In a zero-trust architecture, a defensible network serves dual purposes. These checkpoints can serve as booby traps and alert your team of adversaries in your environment. Network segmentation in addition to monitoring also gives you the option to defend yourself against an attack. For example, if you experience a ransomware attack, a segmented network can help prevent the spread of malware from one security zone or group of assets to another.

Your Partner in Cybersecurity

A zero-trust architecture establishes network security from the inside out, starting with the asset(s) or security zone. Sometimes, with a little bit of help, you can implement zero-trust architecture with little to no cost. There are many security-enabled features inside the networking, OS-based HMIs, and workstation systems currently used within most OT environments.

To help you transform your environment into a zero-trust security model, you need a partner that not only helps you invest, but also consults you on how to address cyber threats with existing capabilities. It is essential to have security-aware people, secure processes, and secure technologies.

RED Group is your partner in implementing zero-trust security architecture throughout your industrial environment. We can get started by evaluating your current cybersecurity program maturity and assessing how and where you can implement better cybersecurity tools and improve your cyber security posture. Contact us today to begin working on a roadmap to secure your environment.

Garrett Williams is an OT cybersecurity professional with an extensive history of building and leading high performing teams.