What does Zero Trust mean to AV?
Updated: Mar 22, 2021
You may or may not have heard the term Zero Trust used before, maybe you have and wondered what it meant? In the simplest of terms Zero Trust means exactly what it sounds like, trust nothing. In cybersecurity, Zero Trust implies a strategic security model whereby nothing and nobody is to be trusted. For many years cybersecurity efforts focused on keeping the bad guys out, using techniques and technology that focused on the outside of a system. The assumption being that only “bad-actors” from outside the organization are trying to obtain confidential information and or disrupt operations. Many defenses have been developed to stop these outside attacks, including implementing password policies, email filters, anti-virus software, firewalls, and intrusion detection systems to name a few. Recently however a notorious breach was publicized where an insider, someone who was “trusted” by the organization, obtained access to confidential information which was then made public. This polarizing event demonstrated that threats could come from anywhere, and the assumption that systems and people on the inside can be trusted was inevitably wrong. Therefore, a new strategy was required that included a focus on internal threats as well as external threats, this new model is referred to as Zero Trust i.e., trust nothing.
A common security practice used in network design is to segment and or segregate the network, with assets that share a common purpose or function segmented into groups. Many security professionals recommend this architecture be used wherever possible as segmentation can effectively slow down and possibly stop lateral attacks. However, segmentation alone relies on trusting the devices within the group which of course breaks the Zero Trust model. Therefore, according to the Zero Trust model persistent monitoring must be employed to detect vulnerabilities and malicious activity within each of the isolated groups to reduce the likelihood of an attack that could impact the group and possibly the organization.
Often many audiovisual systems are constructed on segmented networks, while this was initially done for other reasons, it now also serves as a beneficial security architecture. Another coined term often used in cybersecurity to refer to segmented networks without any form of monitoring is “security by obscurity”. Security through obscurity is unfortunately how many AV systems are deployed, where the assumption is the AV devices themselves are not PCs or servers and no one really knows about them, so they should not pose any threat. Wrong, many AV products have adopted the use of modern operating systems and applications, which has increased the overall attack surface. In fact, the AV devices are using similar operating systems used in the PCs and servers found on the enterprise network, but with less security features and no monitoring agents. In network topologies where segmentation is in place it is still important to employ detection technology that provides situational awareness as per the Zero Trust model. HiCLIFF’s Cybersecurity monitoring platform can offer a practical way to increase the defense posture of the segmented network, with tools developed specifically for AV device discovery, identification, management, and vulnerability assessment. If you are operating an audiovisual network and are concerned that it does not follow the Zero Trust model or have general cybersecurity questions please contact us we are happy to help.
Click below to follow us on LinkedIn