We hear a lot about Zero Trust controls in the government technology industry, especially here at Federal News Network. Can this approach to cybersecurity, which always requires verification before accessing a system, also apply to protecting space assets? The U.S. Space Force certainly seems to think so. Most recently, it signed a $17 million contract with Xage Security to help branch offices achieve zero trust access control and data protection. To find out more, we spoke to Geoff Mattson, CEO of Xage Security.
Geoff Mattson: In the old days, we would build protection in the middle of our networks, abandoning things like firewalls between internal networks, the larger Internet, internal systems, VPN servers, and so on. This allows them to bypass firewalls and access internal resources and more. Zero Trust principles require you to set up secure sessions from one end to the other instead of having these incremental intermediate boxes within your network. Right. Therefore, there is no chance for an attack to occur en route, or for an attacker to sneak through your firewall and roam around your company. This is the principle of Zero Trust. Establish a secure session between a client and a server, or a resource and a user of a resource, for a period of time and protect it appropriately. If it's a privileged session, it can be damaging. And Xage Security has figured out how to take this architecture and apply it to hard-to-apply areas such as industrial and space systems.
Eric White: Specifically, how can Zero Trust be applied in space, what types of applications are there, and what tools are needed to achieve Zero Trust protection?
Geoff Mattson: Well, space is a huge challenge for security in general and zero trust in particular. Because if you think about it, the satellites themselves have several layers of protection that don't really work that well if they're not connected to a functioning terrestrial network. Therefore, the terrestrial network must be protected. From recent events, we have seen an attack, a Viasat attack, an attack on modems. Therefore, attacks on industrial equipment such as modems can render satellite communications inoperable for a period of time. And the satellite itself also needs to be protected. Our adversaries are able to attack them through supply chain attacks, basically by putting malware and things like that into components within the supply chain, or by using some type of active attack to survive. We're looking at ways to try to compromise. Ground attack. Therefore, there are several components that need to be protected. And on top of that, there's actually the data itself. The fact that the data is streamed from the satellite is what really provides value, and in our case, our focus is on the warfighter. And we need to make the data available to the partners who need it. However, not all data is available to all partners. So you're actually controlling access to these partners and on an individual basis. So each of these layers, each segment can be secured with a Zero Trust strategy. The data itself can be protected with a zero trust strategy. It's not without its challenges, but you know, this is absolutely the right thing to do. As you say.
Eric White: You know, these challenges just came from the Space Force IT department. And we hear that Zero Trust will be the front line of protecting America's space assets. Could you list some of the challenges you face when implementing it? Will Zero Trust be a comprehensive approach to solving many of the cybersecurity concerns we are seeing?
Geoff Mattson: Well, I'm glad you used the term comprehensive approach. Because I think that's the best strategy. In particular, as you know, the overall strategy of the Space Force is that just having a few military satellites at high altitudes makes them easy targets for the enemy. The idea is to also use commercial low-orbit satellites. So are the thousands of commercial low-orbit satellites, which are much harder to attack. But in doing so, they must be able to apply the same types of security and operations that they apply to military systems to a wide range of third-party commercial systems. Therefore, our approach to Zero Trust is to use an overlay approach. Basically, we are inside the network, but completely invisible to the user. At both ends of the network, it can sit between all types of legacy devices and things like satellites, which currently cannot be reprogrammed. Build your own zero trust logic. We can stand between users and their systems and enforce zero trust principles. So the idea is to run this as an overlay and drop it in place. You know, we've actually seen that he can join any of these third-party commercial providers in one day and they're not going to notice any change in operations and they're going to extend Space Force coverage to other commercial providers. Can be extended to providers. You need to change your settings. That's exactly right. You know, it needs to be a comprehensive approach and the blanket needs to be a blanket that covers the entire footprint, including third parties.
Eric White: When we talk about footprint, we're not talking about what's in the air, but what about on the ground and the buildings there that we rely on to actually operate these spacecraft? Or? I think there are some cyber vulnerabilities there. Can this technology be used to protect these assets?
Geoff Mattson: Yes, absolutely. You're right, right now from a cyber perspective, the easiest thing to attack is the terrestrial network or modem. And the zero trust principles we're using. This not only enables end-to-end protection, but also encrypts and ensures integrity, securing the connection between, for example, a satellite and the consumer of the information it transmits. However, it is actually possible to protect the network itself from attacks. One reason this is so important is that, as anyone who follows the cyber world may have seen in the news, the fastest-growing threat vectors today are networking and security equipment. That's true. It's a legacy. Right. This means that there are many near-equivalent products on the market that have been developed over decades and have accumulated a lot of technical debt, and that adversaries and even criminal groups will compromise on them. An example of this is the Ivanti VPN server, Ivanti (formerly known as Pulse Secure), as you may know. It is one of the most popular VPNs among large corporations and is also used by the federal government. And as you know, CISA issued a warning last month directing all federal agencies to withdraw Ivanti immediately. Warnings from the Five Eyes countries and the FBI followed, saying the situation was even worse, saying VPN services were being actively compromised and there was no real way to verify them. Whether you're under attack or not, there's no real way to fix it if you are. This means that legacy systems like this, with 20 years of accumulated coding, can be vulnerable to attack. These are the types of network security protections that don't really work in this area. That's why Zero Trust principles include Secure by Design, products developed in collaboration with the military, embedded security principles, and heavy use of penetration testing. And official certification for a set of security standards is really what is needed to protect them.
Eric White: Yeah. How do you assess the current cybersecurity situation with respect to U.S. space assets? Well, I think we can stay on the federal side for the time being. Because the federal side is probably the best and has higher value among the enemies and malicious hackers. What do you think about the current situation?
Geoff Mattson: Well, I think that's a great question. And what I'm saying is, you know, things are changing rapidly. Because, as I said, the current strategy is to leverage the entire commercial satellite ecosystem as well. So you can see a hodgepodge of different security solutions that these providers have in place. What we offer as a company is, you know, comprehensive protection that we can deploy together with these commercial partners, any commercial partners, even the Space Force, to provide that kind of end-to-end protection. And as we all know, some commercial providers may not have the most stringent security in place. As you know, cyber security is an area that is gaining recognition in this field. You probably know. However, having said that, deploying a solution like ours can significantly reduce the impact of a breach in another area of your network. For example, one of these legacy devices could be used to significantly slow down an attack from a near-equivalent competitor, hacktivists, or other types of attackers.
Eric White: If any of our listeners are playing the drinking game, the keyword is zero trust for sips. Overcoming zero trust technology. Are there other tools that might be included in the holster to protect these very new and, as you said, constantly changing networks?
Geoff Mattson: Well, I think we need a multi-layered approach. So, Xage has a built-in feature called defense in depth. So we add encrypted, carefully monitored, authenticated end-to-end communications (ZT's buzzword, but we won't mention it anymore) to a sort of setup, and the drinking game begins. Yeah. Please give me a break.
Eric White: Yeah. Please give him a break.
Geoff Mattson: Yes, it is. So what we need to do is build in that past various checks for behavior that seems abnormal, such as files that may be infected with malware. You need to apply normal network patterns, but you also need to be aware if something is trying to deviate from those patterns. Behind the scenes is ZT's end-to-end protection, with many attempts in between to detect, contain, and mitigate attacks of all kinds. Right. In other words, although it looks like a duck gliding on a lake, it is actually rowing very hard beneath the surface. You know, what our broader national security requires is being able to find the weak links within these networks and in the chains that serve, provide, defend and provide critical services. And unprotected areas are areas that bad guys can quickly find, exploit, and move laterally. This means that if you have an approach that allows you to drop protection in the right place, you can deploy it anywhere. And as we know, satellites can be deployed under the same harsh conditions as on the ground. Being able to deploy in areas where there is intermittent or no network access, having ubiquitous coverage, and being able to cover very quickly with an overlay solution is, you know, what we think is really necessary to build resiliency into your network. That's what I'm thinking. Our national infrastructure. The same goes for civilian and critical infrastructure and defense.
Eric White: Geoff Mattson is the CEO of Xage Security.
Copyright © 2024 Federal News Network. All rights reserved.