Why a Zero Trust
Security Architecture
is critical
to protect against advanced cyber threats
Reality check: Your network is almost
certainly under attack right now.
With recent cyber attacks impacting
federal agencies, including the
SolarWinds hack, many agencies are
prioritizing Zero Trust security
architecture to protect their data.
Adopting a Zero Trust framework
can harden your environment
against attacks and minimize the
impact if your organization is
compromised.
What is Zero Trust architecture?
Zero Trust is a comprehensive approach to security that limits
malicious cyber actors' ability to freely explore a network by not
"trusting" any user or system within the secure perimeter.
A shift in cybersecurity
mindset accepting that
a network is already
breached, or will be
An architecture
designed to specifically
reduce damage caused
by attacks
A reduction in
implicit trust of
authenticated users
A prescribed set of
incremental steps
to improve defenses
against advanced
cyber threats
The reality is, modern cyber threats exist on
both sides
of traditional
network boundaries. That's why Zero Trust architecture is shaped around
business outcomes to maintain user productivity while defending the
network from both internal and external sources.
Eliminates implicit
trust in any one
element, node,
or service
Requires continuous
verification of the operation
picture via real-time
information from multiple
sources to determine access
and other system responses
Focuses on protecting
data in real-time within
a dynamic threat
environment
Without Zero Trust Architecture
A compromised device gives a
malicious actor access to
the network.
Since the actor could access
the network, they're assumed
to be trustworthy and can
move freely about, causing
widespread destruction or
exfiltration of sensitive data.
With Zero Trust Architecture
A compromised device gives a
malicious actor access to only
part of the network.
Critical answers to questions
regarding "who, what, when,
where, and how" help
appropriately allow or deny
access to resources.
A data-centric security model
allows the concept of
least-privileged access to be
applied for every access decision.
Continuous verification prevents
the outsider from exploring
the whole network, containing
the damage.
Zero Trust components
In a coordinated manner throughout all aspects of security
infrastructure, Zero Trust Architecture embeds:
Comprehensive
security monitoring
Granular, risk-based
access controls
Security system
automation
Why your organization needs
a Zero Trust strategy
Reaching Zero Trust status is a pivotal target for major government
agencies, including the Department of Defense.
Do you trust everyone on your network?
80%
of data breaches
involve compromised privileged
credentials
.
1
In 2020 alone, there were
more than
1,000
known data
breaches in the United States,
affecting over
150 million
individuals.
2
How many more unknown cases might there be?
Taking action
Many agencies recognize the importance and potential of
Zero Trust, but few have fully executed implementation plans.
72%
of organizations planned
to implement Zero Trust in 2020
3
Essential components of a Zero Trust
technology solution
Your network has been breached. How are you minimizing the
impact? Leidos Zero Trust architecture is made up of mitigation
protocols including:
Software-defined
perimeters
Essentially a
next-generation VPN
Micro-segmentation
More granular access
control inside a
data center
Identity-aware proxies
Help control access to
resources in the cloud via
authentication and
user-based access control
With a commitment to an adaptive defense strategy and
sustainable threat protection, Leidos helps our customers outpace
adversaries and secure what matters most to your organization.
Contact us to learn more about our proven processes and how we
can help you implement your Zero Trust Architecture.
leidos.com
1
forrester.com/report/The+Forrester+Wave+Privileged+Identity+Management+Q4+2018/-/E-RES141474#
2
statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed
3
intelligentciso.com/2020/02/19/72-of-organisations-plan-to-implement-zero-trust-capabilities-this-year
