The Cyber Defense eMagazine August Edition for 2023
Cyber Defense eMagazine August Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
of SRA to a resource. Additionally, 67% of respondents felt that Advanced Persistent Threats (APTs) are a growing concern and 72% viewed third-party connections as their biggest risk for any Remote Access.

Now, you may be asking why an OT-targeted report is relevant to SRA across any organization, and the answer is simple. Many SRA solutions are shared, maintained, managed or controlled in some form by IT resources within an organization. The threat of ransomware, as an example, is not just focused on attacking specific company resources but on disrupting as many business operations as possible to extract financial gain for the threat actors.

Navigating the Scope of Secure Remote Access Components

As for the human component of SRA, 59% of respondents were concerned about even trusted users with direct access to resources. This is where the definition of SRA and trusted users gets murky.

In most organizations, SRA is not just used by third parties but is also used by remote workers, by internal users crossing organizational boundaries to connect to resources, and by a growing segment where SRA and Software Defined Networking (SDN) are being used together. This brings us back to the “lens” statement above.

To many organizations or technology vendors, a Virtual Private Network (VPN) is a form of Secure Remote Access, and they are not incorrect in this statement. A VPN is encrypted (secure) and uses a form of 2FA/MFA user or device authentication (e.g., token, cert, key) prior to granting access (safe), but that is generally where it ends. Some can enforce access policies, resource controls and connection time, but generally they place you on a jump / bastion host where applications are published to multiple users.

Things such as session recording, supervised access, shared credential vaulting and function restricting are not available. Lastly, this type of connectivity is at the network layer (the letter N in VPN), not the application layer, so if the end device is compromised, ransomware and other network-layer threat vectors can be attempted successfully.

Another form is the highly discussed and promoted ZTA / ZTNA, which, for those of you who do not know, is based on NIST SP 800-207 (I highly suggest reading this Special Publication before using the term freely). In this vision of SRA the premise is trusting nothing, hence the Z for Zero. It also practices the principle of continuous validation, which means inspecting the session to ensure everything is still safe and secure. This form of SRA is also deeply rooted in policy, which means granular control of people, process, and the technology being used within the SRA session.

Unmasking the Weakest Link in Secure Remote Access

The point of this article is not to get into which technology model (and there are others as well) is the best, but to discuss the real underlying problems of any SRA solution: proper configuration, oversight, usage and management.

Cyber Defense eMagazine – August 2023 Edition 115
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.