MITRE Technical Fellow Samuel S. Visner explores how combining Zero Trust Architecture with emerging cloud and AI technologies is a better way to protect the modern enterprise against cybersecurity threats.
This MITRE white paper covers current cybersecurity challenges and how new cybersecurity technologies can help us meet them. The recent SolarWinds exploit against network management systems and the enterprises they serve highlight vulnerabilities in current enterprise infrastructures.
We learned that the cybersecurity approaches being employed to protect them are simply insufficient. This incident reminds us how sophisticated and determined our adversaries are. They are constantly innovating their tools and techniques—and no organization is invulnerable. Traditional cybersecurity defenses that rely on signatures of known malware are not likely to detect network intrusions, either through product supply chains or through new, non-signature threats.
The paper gives particular attention to Zero Trust Architecture (ZTA) models, as well as other tools, including cloud-based analytics and rules to mediate access by users to specific resources. Overall, this paper describes a world in which entry to a network is no longer sufficient to gain access to specific resources. Rather, we consider a world in which every user’s access to specific resources is mediated individually, possibly using artificial intelligence (AI).