No matter how secure a computer network or the environment it's used in may seem to be, users should just assume it's compromised, the deputy undersecretary of defense for research and engineering said.
"This is something I'm very much behind," Lisa Porter said during a panel discussion yesterday at the Center for Strategic and International Studies in Washington.
During her time as the first director of the U.S. Intelligence Advanced Research Projects Activity, Porter said, she saw a growing emphasis on cybersecurity. The organization was created in 2008.
"At that time, cybersecurity became really, really important," she said. "It had been important before, but people were really emphasizing it. And unfortunately, there was a huge emphasis on primitive defense models." The thinking at the time, she said, was that as long as perimeters were put in place, everything inside would be safe, including the data and the networks.
There is no such thing as a secure system."
Lisa Porter, the deputy undersecretary of defense for research and engineering
That turned out to not be true, Porter said, and security requires more than just building a barrier around the network.
"It leads you to a false sense of security. ... Think 'Edward Snowden,'" she said. "So then we said, 'Maybe this perimeter defense model has some flaws in it.'"
Instead, Porter said, users should assume the network is compromised already – either from outside or from bad actors on the inside.
"When you change your mindset to ... 'I have to assume that my networks aren't trusted – that no matter where I am, I have got to go in with an assumption that I can't trust what I am using as the backbone of my communications – it changes how you think about the technological solution," she said.
Now, she said, cyber professionals are thinking about "zero-trust architecture," which assumes that no one who uses the network can be trusted. In such a setup, users might be allowed access only to that information and those applications that they are pre-authorized to use. Past network security might have put a wall around the whole network, and once inside, a user would free rein to move about. A zero-trust environment uses "microsegmentation," which divides the network into smaller zones, each requiring special access.
"I think we've been lulling ourselves into a false sense of security by thinking we can build perfectly secure enclaves," Porter said. "There is no such thing as a secure system. So we have to deal with that reality whether we are doing cyber, whether we are doing supply chain, whether we are doing 5G. You will see the zero-trust reference across many of [the Defense Department research and engineering] domains, because we are really trying to advocate for that perspective."