On May 12, U.S. President Biden issued the much anticipated Executive Order on Improving the Nation’s Cybersecurity. After several high-profile breaches involving attacks on the Nation’s critical infrastructure, supply chain providers, and government agencies, this order is welcomed by both the public and private sectors. It ambitiously presses forward, seeking to quickly define, improve and adopt stronger cybersecurity models and standards.
KnectIQ Responds
KnectIQ applauds the Executive Order (EO) as a step in the right direction. We are pleased to see a call for “bold changes and significant investments” in Section 1 for the government to modernize, better securing itself and then requiring the same of their service providers.
Our novel solution goes beyond status quo. It can effectively thwart cybercriminals who – without the KnectIQ Trust environment in place – are successfully and silently breaching data, devices, or networks with compromised keys or credentials four of every five times. We are hopeful that the EO will encourage companies to adopt improvements that prioritize protective pre-breach strategies.
Zero Trust Architecture
The EO specifically calls out a need for adoption of “Zero Trust Architecture” and includes a definition of the term in Section 10:
“(k) the term “Zero Trust Architecture” means a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries. The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses. In essence, a Zero Trust Architecture allows users full access but only to the bare minimum they need to perform their jobs. If a device is compromised, zero trust can ensure that the damage is contained. The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred, so it constantly limits access to only what is needed and looks for anomalous or malicious activity. Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment. This data-centric security model allows the concept of least-privileged access to be applied for every access decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources…”
How the KnectIQ Solution Measures Up
Although the “model assumes that a breach is inevitable or has likely already occurred,” we strongly believe we should prevent breaches where we can. And KnectIQ can prevent the 80% of breaches that involve bad actors using compromised secrets to gain access.
Our KnectIQ data-centric cybersecurity solution delivers Zero Trust with even stronger security, more visibility and less user friction than the Zero Trust Architecture requirements as laid out in the order.
- Continuous Verification: KnectIQ verifies identity for each communication or transaction. This provides the unique ability to track device activity in real-time.
- Containing Damage: With KnectIQ, unified yet granular controls allow each device, user and application to be individually disabled if the need were to arise.
- Comprehensive Monitoring: KnectIQ makes every encryption and decryption visible, enabling unparalleled monitoring capabilities while also delivering real-time attack alerts.
- Protecting Data: KnectIQ eliminates the threat surface of compromised secrets.
Additionally, KnectIQ is happy to see the EO’s requirement of Multi Factor Authentication (MFA). We believe MFA to be a strong authorization methodology. However, existing MFA only occasionally verifies identity. We went one step further in the spirit of Zero Trust, modernizing our MFA by making it transparent and “frictionless,” thereby allowing continuous verification of identity without disturbing the user.
Ready to Go
KnectIQ is ready to partner with Federal government agencies to implement next-generation Zero Trust principles and standards. Our solution’s features could provide the new Cyber Safety Review Board created in Section 5 of the EO with previously unavailable yet relevant information when reviewing and assessing incidents and threats.
There is a lot of work to do to press forward. President Biden’s executive order is ambitious. Novel solutions and approaches are required to make this vision a reality. Stepping away from status quo cybersecurity practices as a matter of national security is the right thing to do. And we are ready to contribute today.