Responding to Biden’s Executive Order on Improving the Nation’s Cybersecurity
Section 10(k) of the Biden administration’s recent executive order signaled a critical shift in the Federal Government’s thinking about “Zero Trust Architecture” as a data-centric security model. The Federal Government plans to lead by example, modernizing cybersecurity by implementing Zero Trust Architecture. This approach should be broadly adopted by the industry because for too long cybersecurity has focused on network-based tools with perimeter protections and network segmentation. Taking an entirely network-based approach is insufficient and has failed our current world operating model. You only need to read the latest ransomware headlines to see the damage done.
Why? It’s simple. The bad guys are stealing your data, not the network. Network–based detection and response solutions will fail without takinga new approach to fill in the gaps. Network and even endpoint protection on the client can be circumvented by the adversary when they’re determined to steal or encrypt your data.
Taking a data–centric approach to cybersecurity eliminates the gap between your network and the data by putting the security controls and data protections as close to the data as possible. RackTop is the first company to implement data-centric Zero Trust Architecture to protect your files. We have implemented continuous evaluation for trust with each file operation request from the application and user. There is no way to circumvent this access control – the data is always encrypted in flight and at rest.
There will be debate about how much change the executive order can influence and only time will tell. The best outcome would be that information technology professionals will start to adopt a data-centric approach to cybersecurity. We need to make the cybersecurity tractable and our data easier to defend. It is time to start looking at security from the inside out, start with the data.