Continuous Risk and Trust Assessment Approach
The industry standards in information security have been undergoing dramatic changes over the past several years. So what is the Continuous Risk and Trust Assessment Approach?
The paradigm of network security monitoring has firmly shifted from a rigid, concretized approach to one that focuses on adaptability and dynamism. Nowhere is this more strongly expressed than in the Continuous Risk and Trust Assessment Approach, or CARTA, which the IT research and advisory firm Gartner has recently begun to preach about.
It all comes down to trust
At the crux of CARTA is the understanding that trust is the key element of network security. It is this digital trust that allows a network to access everything from transmitted data packets to downloaded files, as well as to permit access by a given user. The traditional way in which networks establish this trust is through rule-based detection systems. Pre-designed signatures are written into detection systems to identify either specific malicious data sets or anomalies in typical data flow.
And here lies the weak link:
The weakness in this old model lies in its inability to keep up with the constant development of tools and tactics by cyber criminals. Detection power remains static.
Furthermore, current methods often leave the door wide open for damaging activity emanating from within an organization, otherwise known as the insider threat. Because users within an organization are identified by the network as safe, harmful activity by such individuals, such as data leaking, is less likely to trigger security measures. This applies whether the actions were executed intentionally or by accident.
A new paradigm
CARTA asserts that security cannot be a set-it-and-forget-it thing. Rather, it is a process that has to be continually reviewed and adjusted based on the ever-changing threat environment. By incorporating “smart systems” based on artificial intelligence, security platforms are able to keep up with the development of the threats they face. As Gartner research head Eric Ahlm put it, “machine learning is helping us to find bad guys that have otherwise bypassed our rules-based prevention systems.”
For this reason, industry leaders have seen a growing shift away from the old security tools, such as firewalls, in firms and other business organizations. The security strategy of the future will focus heavily on data analytics, constantly assessing traffic patterns to sharpen security protocols and produce a strategy that is both more accurate and more efficient. By implementing Smart Data Loss Prevention solutions, data protection and network security become more focused over time. Smart systems also produce better data classification rules and allow for admittance by appropriate users while limiting unwanted access. In this model environment, system managers are able to maintain more clarity in identifying malicious activity and preventing hacking or data exfiltration attempts.