
Never Trust, Always Verify

With a mantra of “never trust, always verify”, zero-trust cybersecurity is the buzz-phrase of the moment. But, says Deep Secure Lead Researcher Oceanne Gallagher, with true zero-trust the devil is in the detail.

In cybersecurity terms, zero-trust means not trusting anyone or anything to be non-malicious. It is commonly accompanied by the phrase “never trust, always verify”, implying that neither the content itself nor the person delivering it should be trusted. All well and good, but the phrase is somewhat ambiguous, with cybersecurity vendors each skewing the zero-trust concept to fit their own purposes and means of verification. So how should we define a true zero-trust cybersecurity architecture?

Everyone is a Threat

Many vendors recommend that zero-trust security architectures should be built around the notion of not trusting users or sources of data. Others recommend not trusting any network traffic. This means that everything coming into a network should be “verified”, regardless of the source it comes from or the internal user it is going to. Fair enough, so users, sources of data and network traffic should not be trusted. But what about the data itself? What about digital content? In a world where malware concealed inside documents and images routinely evades detection, true zero-trust means finding a way of verifying beyond doubt that the content is also threat-free.

Let’s imagine, for example, that an email arrives from a well-respected partner organisation to the financial director of your organisation. The email is perfectly normal for an interaction between these two parties and contains a macro-enabled Office spreadsheet listing some financial figures relevant to previous email interactions.

To all intents and purposes, this is a perfectly trustworthy network exchange, between trustworthy entities containing a trustworthy file type. However, the macro-enabled Office spreadsheet within the email actually contains parts of an executable, which will be assembled and executed when the macro is run. If this email had been trusted because of the trustworthy source, recipient or attachment file type, then malware would have entered the network. Zero-trust is important as it protects us from those we trust who may have been compromised themselves.

Transforming Security

Deep Secure’s approach is not to trust users, sources of data or network traffic. Nor does it trust any content carried in that network traffic. In fact, in its purest form it doesn’t trust an application to handle data correctly, or even trust the Internet-facing components of the defence itself.

Instead, the Deep Secure transformation engine treats every incoming file with the same distrust regardless of file type, source or user and verifies everything following the recommendations written by the National Cyber Security Centre (NCSC) for safely importing data.

With this approach “verification” consists of transforming every file regardless of whether it could contain a threat. During transformation, the content is decoded and just the valid business information is extracted from it. The original file is then discarded, along with any encoding context, unnecessary metadata, active code or malware. The extracted business information is then formatted to match the original and put in a wholly new file.
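The same decode-extract-discard-rebuild cycle, shown on a PNG image (one of the carriers mentioned above) as an added toy example; this is not Deep Secure's engine or any part of it. It assumes a non-interlaced 8-bit RGB image whose scanlines use filter type 0, and rejects anything else rather than passing it through; the tainted sample it transforms is constructed inline.

```python
import struct, zlib
PNG_SIG = b"\x89PNG\r\n\x1a\n"
def chunk(ctype: bytes, data: bytes) -> bytes:
    # Serialise one chunk: length, type, data, CRC over type+data.
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))
def parse_chunks(blob: bytes) -> list:
    """Walk the chunk list, checking CRCs, and stop at IEND: anything after it is never read."""
    if not blob.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos, chunks = len(PNG_SIG), []
    while pos + 12 <= len(blob):
        length, ctype = struct.unpack(">I", blob[pos:pos + 4])[0], blob[pos + 4:pos + 8]
        end = pos + 12 + length
        if end > len(blob):
            raise ValueError("truncated chunk")
        data = blob[pos + 8:end - 4]
        if zlib.crc32(ctype + data) != struct.unpack(">I", blob[end - 4:end])[0]:
            raise ValueError("bad CRC in %r" % ctype)
        chunks.append((ctype, data))
        pos = end
        if ctype == b"IEND":
            break
    if not chunks or chunks[0][0] != b"IHDR" or chunks[-1][0] != b"IEND":
        raise ValueError("malformed chunk sequence")
    return chunks
def transform_png(blob: bytes) -> bytes:
    """Decode to bare pixel rows, then build a brand-new PNG from those rows alone."""
    chunks = parse_chunks(blob)
    width, height, depth, colour, comp, filt, interlace = struct.unpack(">IIBBBBB", chunks[0][1])
    # Assumption: only non-interlaced 8-bit RGB with filter 0 is decoded here; a real engine handles every mode.
    if (depth, colour, comp, filt, interlace) != (8, 2, 0, 0, 0):
        raise ValueError("unsupported image mode")
    raw = zlib.decompress(b"".join(d for t, d in chunks if t == b"IDAT"))
    stride = 1 + 3 * width
    if len(raw) != stride * height or any(raw[y * stride] != 0 for y in range(height)):
        raise ValueError("pixel data does not match IHDR or uses an unsupported filter")
    rows = [raw[y * stride + 1:(y + 1) * stride] for y in range(height)]
    # Fresh header, fresh zlib stream, no ancillary chunks, nothing after IEND: only the pixels survive.
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    idat = zlib.compress(b"".join(b"\x00" + r for r in rows))
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", idat) + chunk(b"IEND", b"")
def make_tainted_sample() -> bytes:
    # Constructed input: a 2x2 red/blue image carrying a tEXt chunk and bytes appended after IEND.
    ihdr = struct.pack(">IIBBBBB", 2, 2, 8, 2, 0, 0, 0)
    rows = b"\x00\xff\x00\x00\x00\x00\xff" * 2  # filter 0, one red pixel, one blue pixel, per row
    hidden = chunk(b"tEXt", b"Comment\x00HIDDEN-PAYLOAD-MARKER")  # constructed stand-in, not real code
    return (PNG_SIG + chunk(b"IHDR", ihdr) + hidden + chunk(b"IDAT", zlib.compress(rows))
            + chunk(b"IEND", b"") + b"TRAILING-BYTES-AFTER-IEND")
```

The rebuilt file carries the same pixels but nothing the original encoder, metadata or trailing bytes contributed, which is the property the transformation approach relies on.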

Deep Secure’s zero-trust approach would have transformed both the email in our earlier example and its attachment, creating a brand-new, clean, identical email and attachment inside the network with none of the hidden malicious data. It would also perform exactly the same transformation on every other email entering the system, in case any of those also contained malware, known or not.

Where necessary in high assurance environments, Deep Secure uses “hardsec” hardware logic and a physical air gap to minimise the protected network’s attack surface and protect Deep Secure’s own software from possible compromise.

From the Ground Up

In 2008, author Maria V. Snyder wrote: “Trusting is hard. Knowing who to trust, even harder.” Eleven years on, there’s a groundswell of opinion that when it comes to cybersecurity it’s best not to trust at all. Making this a reality involves building a zero-trust security model from the ground up, using technologies such as transformation and hardsec to defend the organisation.

- # -

Oceanne Gallagher is Lead Researcher and Pre-Sales Consultant at Deep Secure. 
