Date published: July 16, 2024
Imagine walking into a high-security building where every door, every room, every cabinet requires a different key specifically designed for you – and just because you've entered one room doesn't mean you can waltz into the next without verification.
That's Zero Trust in a nutshell.
This approach requires every user, whether inside or outside an organization's network, to be authenticated, authorized, and continuously validated before being granted access to the organization’s data resources and applications. “It's about assuming the presence of potential threats everywhere and consistently verifying every access request,” said Ashish Khanna, Senior Director of Verizon’s Global Cyber Defense Practice.
The table stakes for maintaining robust cybersecurity protection have never been higher. Verizon’s 2024 Data Breach Incident Report (DBIR) cited a record high number of incidents, including:
The 2024 DBIR also indicated an eye-popping 180% increase in attacks that exploited vulnerabilities over the prior year, as cybercriminals used more sophisticated attack vectors to take advantage of systems or weaknesses that were previously trusted as secure. Advances in cloud services, mobile devices, and the Internet of Things (IoT) have also chipped away at many organizations’ assumption of a secure network perimeter.
What’s more, regulatory scrutiny continues to grow. Whether its new disclosure rules from the U.S. Securities and Exchange Commission’s (SEC), or expanded requirements included in the European Union’s NIS2 Directive, policy-makers global government oversight is increasing to keep pace with breach risks.
Verizon recognizes that modern security must be equally agile and robust. Zero Trust is both. It’s an encompassing cybersecurity framework that scrutinizes every digital interaction, and applies other controls to better protect network infrastructure. Born out of the realization that threats can originate from anywhere, Zero Trust operates on a simple maxim: trust no one, verify everything. As Khanna eloquently put it, “Trust is not a given; it's earned, every time.”
Interestingly, the evolution of Zero Trust at Verizon has been part of a strategic pivot to adapt to today’s modern digital complexities and the cybersecurity risks they pose. A few examples include providing remote access to corporate networks, primarily for employees working from home or for workers in the field; the widespread use of personal devices for work tasks by employees; and the difficulty of enforcing security policies outside of traditional office environments. All are ongoing challenges brought about by our increasingly interconnected world.
Khanna shared an example of how Verizon implemented Zero Trust to provide secure remote access for its global workforce. “Adopting Zero Trust meant redesigning our access protocols to ensure that every employee, whether working from home or the office, underwent the same stringent verification processes,” he said. “Verizon’s use of the Zero Trust approach helps us maintain a secure and flexible working environment, which is crucial in today’s hybrid work environments.”
AI can help elevate the Zero Trust model through its promise of greater speed, accuracy, and automation in detecting and responding to security incidents. Because AI tools are capable of analyzing vast datasets, they can help security analysts identify anomalies and enforce security policies. AI can also support continuous monitoring and validation – which is a cornerstone of Zero Trust.
“AI empowers us to not just react to threats in real-time but to anticipate and neutralize them before they materialize,” said Chris Novak, Verizon’s Senior Director of Cybersecurity Consulting. “AI helps us move from reactive to proactive cybersecurity to more effectively stay ahead of adversaries.”
At Verizon, Novak and Khanna shared how AI, including Deep Learning models, are currently used for a variety of cybersecurity tasks, such as enforcing universal conditional access policies. Verizon refers to this as AI-powered UEBA (User Event Behavioral Analytical Solutions) focusing on human identities, machines, devices, and non-human identities. By establishing the baseline and these variations, AI can help to build a better UEBA coupled with SOAR (Security Orchestration, Automation and Response) platforms and create much better playbooks that can reduce the analyst workload thus helping them where it matters the most.
Leveraging Zero trust models can help automate Identity Access Management (IAM) and move it more toward continuous validation. By integrating this with the SOAR platform, when a Security Operations Center (SOC) detects a privileged user accessing a system that the user hasn’t accessed before, it can trigger an alert to the SOC much faster.
At Verizon, Novak and Khanna shared how AI (deep learning models) are currently used for a variety of cybersecurity tasks, such as enforcing universal conditional access policies, which Verizon refers to as AI-powered UEBA (User Event Behavioral Analytical Solutions) focusing on human identities, machines, devices, and non-human identities.
Verizon’s Zero Trust strategy assumes the potential for threats to come from external, internal or third-party sources. As Khanna explains, “In our Zero Trust approach, we verify everything, since threats can come from anywhere.”
In addition to using Zero Trust for remote access services, Verizon's rollout of dynamic access controls and micro-segmentation techniques across its network infrastructure helps ensure that access to sensitive data and systems is tightly regulated, applying stringent verification every step of the way.
Adopting a Zero Trust approach is not merely about deploying new technologies. It’s about a shift in the organization's security culture. “At Verizon, we've transitioned to a model where access is not just about who you are but also about the context of your request,” Khanna said.
This context includes the time of the request, the device used, and the data being accessed. By integrating these factors, Verizon can dynamically adjust access controls, ensuring that the right people have the right access under the right conditions. “We look at Zero Trust as a strategy, focusing on the workforce, workplace, and workloads. It's about creating a seamless yet secure experience, whether you're accessing resources from home or using a device connecting from anywhere around the world,” he continued.
Verizon’s suite of Zero Trust solutions is designed to empower businesses to protect their critical assets. “From identity and access management to network segmentation and threat intelligence, Verizon today provides the expertise and tools needed to transition to a Zero Trust model,” Khanna added.
AI's role in cybersecurity is akin to giving your organization’s gatekeepers the ability to spot a disguise or catch a whispered plot in a bustling market. It's about making smart, quick decisions based on analyzing vast amounts of data to detect anomalies, automate responses, and maintain strict access controls. “AI is the force multiplier we need today,” Khanna said, to underscore AI's role in reinforcing the Zero Trust approach.
Consider widespread ransomware attacks that have affected organizations globally. AI-driven systems could be used to detect unusual data encryption patterns that are characteristic of ransomware attacks, automatically isolating affected systems, and preventing further damage.
In Verizon's SOCs, AI is already proving to be invaluable. Khanna illustrated its impact with an example. "Our Gen-AI systems spotted a sophisticated phishing attack early on by analyzing deviations in email patterns. This level of early detection helps prevent much wider user exposure to malicious campaigns.”
Improving the allocation of resources is another strategic benefit of integrating AI with security operations. Verizon’s Novak shared an instance where machine learning refined Verizon’s incident response process. “Our models now assess incidents by their criticality, allowing our teams to focus where the impact will be greatest.”
While the field is still maturing, oversight of AI applications to prevent misuse and safeguard privacy is considered crucial. “Careful governance forms the backbone of our AI strategy, ensuring that its powers will be harnessed for good,” Novak explained.
Verizon's governance structure exemplifies safe and responsible AI use by incorporating several key elements:
The synergy between AI and Zero Trust can be used to improve security for better protection in an increasingly interconnected world. In addition to Zero Trust, AI is being evaluated and deployed across multiple cybersecurity tasks to bring security teams greater defensive speed, accuracy and responsiveness. Even at this early stage, the adoption of generative AI in cybersecurity is projected to grow by 22% (CAGR), from $1.6 billion in 2023 to an estimated $11.2 billion by 2033.
A key differentiator of AI use for Verizon lies in the ability to further strengthen rapid response capabilities. “The response planning we perform for our customers helps bring them back to full operations as quickly as possible, enabling them to get back on their feet with the least possible disruption after a security incident,” Khanna said.
Partnering with Verizon for cybersecurity can help mature your cybersecurity defenses. Verizon can help customers on their cybersecurity journey, from assessments and risk quantification, to supporting a Zero Trust framework, to access controls, continuous monitoring and incident response aligned to their business needs.
Reach out to us to learn more about our tailored security solutions, or explore more online.