The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on modern approaches to network access security in collaboration with the Federal Bureau of Investigation (FBI) and similar entities in New Zealand. This guidance comes in response to the growing number of breaches and data incidents, emphasizing the need for organizations to adopt modern firewall and network access management technologies to gain visibility over their networks.
CISA has outlined three specific approaches in its guidance: zero trust, secure service edge (SSE), and secure access service edge (SASE). The guidance also addresses remote access, virtual private network (VPN) deployment, and remote access misconfiguration, as well as threats and vulnerabilities associated with VPN and conventional remote access deployments.
Key Approaches:
Zero Trust: This approach, based on the principle of "never trust, always verify," focuses on ensuring that users are authenticated, authorized, and validated before being granted access to data and applications. CISA highlights that implementing zero trust can reduce the risk of data breaches by around 50%.
Secure Service Edge (SSE): SSE combines features such as cloud access security brokers (CASBs), secure Web gateways (SWGs), and zero-trust network access (ZTNA). Organizations utilizing SSE have seen a 40% reduction in security incidents and a 30% improvement in network performance, according to CISA.
Secure Access Service Edge (SASE): Building on the functionality of SSE, SASE provides users with secure, optimized access to data and applications regardless of their physical locations. Deploying SASE has been shown to improve network agility by 35% and reduce operational costs by 25%, according to CISA.
Network Best Practices:
In addition to these approaches, CISA and its partners have recommended several key best practices for optimizing network security:
Continuous Monitoring and Assessment: Implement continuous monitoring to identify user activity and network traffic, enabling real-time threat detection and response.
Multifactor Authentication (MFA): Adding MFA for an extra layer of user authentication can significantly enhance security and block potential threats.
Regular Security Audits: Conduct regular security audits and penetration testing on the network to identify vulnerabilities and weaknesses.
The guidance provided by CISA and its partners offers valuable insights into modern network access security and highlights the importance of adopting these approaches and best practices to enhance overall cybersecurity resilience.