This data-protection cyber platform verifies anything and everything
Trust no one. Verify everybody.
That’s the purpose behind a Zero Trust cybersecurity approach. It’s a model in which organizations don’t automatically trust anything inside or outside their network perimeters. Instead, they verify anything and anybody trying to connect to or access data and systems. However, there hasn’t been a single Zero Trust solution available that protects data for an entire organization.
“After decades of work on security for enterprise systems, we recognized the need for a holistic approach to protecting data,” said Kevin Roth, Raytheon Cybersecurity and Special Missions solutions director.
Raytheon is investing in an internal research and development project called the Enterprise Data Protection & Resiliency Platform, or REDPro, which is a comprehensive system utilizing both the company’s defense-grade cybersecurity technologies and tech from select industry partners.
REDPro treats the enterprise as a battlefield, monitoring data in real time and verifying access and activity throughout the data’s entire life cycle. The platform offers automated, multi-level monitoring and command and control.
“Most organizations don’t recognize that data has its own life cycle,” Roth said. “Securing enterprise systems for our national security partners led us to develop a platform with real-time monitoring of the most sensitive assets we are trusted with.”
Roth suggests organizations shift their focus from just defending the “perimeter” to a Zero Trust framework. It has become too costly to chase endpoints with various security tools, he said. The perimeter is now much more dynamic and permeable, with applications, services and data existing in the cloud or in virtual, hybrid centers accessed remotely from laptops, tablets and mobile devices.
“We can no longer have this ‘castle-and-moat’ mindset, where we only defend the perimeter and endpoints, believing everybody and everything already inside our network belongs there,” said Dr. Torsten Staab, Raytheon’s chief engineer for the Enterprise Data Protection and Resiliency Platform. “You’ve got to assume that the bad guys are already inside, and they are already accessing your data.”
The REDPro platform operates from a unified dashboard and can auto-discover, label and classify data; apply and enforce risk-based security controls and policies; detect and prevent unauthorized data access, tampering and data loss; and improve data resiliency and availability.
The platform can use deception and “honeypots” to entice hackers away from real data by luring them with attractive decoys. Deception not only identifies that intruders exist, but can keep them isolated in a “sandbox,” where they can do no harm.
“Most organizations think they know where their data is at… They think they know, but the truth is that they don’t,” Staab said. “In today’s highly interconnected world, adversaries can quickly move gigabytes worth of sensitive data around the globe within a matter of seconds… so you need real-time data tracking and collaborative data access control tools in place.”
The Zero Trust framework flips the trust calculation, denying access by default. Everything and everyone is untrustworthy from the outset.
“Once bad actors get inside a network without a Zero Trust architecture, they’re often able to jump around, gaining access to multiple systems with little resistance,” Staab said. “They can cause a lot of damage by tampering or stealing sensitive information. Ransomware is a good example. That’s why we must continuously monitor, assess, and verify that the hardware, software, and users are all trustworthy. In today’s data-driven world, we simply can’t afford this risk. In the end, we’ve got to keep the lights on.”