SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

When emergency strikes, it’s time for a native zero-trust network

Wed, 9th Jul 2025

When we imagine a world of autonomous vehicles, we picture them functioning in a calm and orderly fashion up and down the highway, like robots in a well-organised factory. But if your organisation is operating a fleet of them and a major emergency strikes, let's say an earthquake, then you need to be sure you have a rock-solid way to centrally control and orchestrate these vehicles, or chaos will result.

Galeal Zino, Founder and CEO with zero trust connectivity specialist NetFoundry, confronted this challenge in a recent interview conducted by Roy Chua, Founder and industry analyst at AvidThink. The ramifications were starkly clear: "In any kind of serious emergency you need to get emergency vehicles on the scene as fast as possible, and that means making sure that other cars are not clogging the roads," points out Zino. "If you imagine that most are autonomous then that's a pretty big test for how well they are centrally controlled."

The orchestration of these vehicles might rely on a V2X (vehicle to everything) communication system that enables the sharing of information, or if not that then some other form of centralised control. "Well, if you can control cars in this way, so can a hacker," warns Zino. "Somebody with malice in mind can turn your autonomous car or truck into what is essentially a missile."

NetFoundry recently demonstrated a solution to this problem in tandem with Lockheed Martin and the University of Auburn: "We showed how you can handle all that V2X communication safely, over a native zero-trust NetFoundry network. You can control vehicles in a number of possible emergency situations, but an attacker has no access to them at all."

A solution of this sort is really the only way you can establish a reliable private global network between multiple endpoints, whether that's between an autonomous car and a server, or between a drone and somebody on the ground with a 5G handset, or even between an API and the agentic AI that's talking to it. Beyond the confines of the WAN, where it's either a VPN or the Internet carrying your traffic, none of these flows is really secure, whether we're talking agentic flows, autonomous flows or IoT flows. This means people have historically had to rely on open communications or build their own secure encryption stack.

Some, says Zino, are using an Access Point Name (APN), a unique identifier that tells a mobile device how to connect to a specific network: "It's a private mobile connection, but it fosters a dangerous illusion because what a private APN really does is take traffic to the nearest cell location, like a Packet Data Network Gateway (PGW). Then it's a VPN connection from that PGW back to wherever the server is, on AWS, Azure, GCP or whatever. Opening up a huge network-level tunnel like that is a really bad idea. We don't do that inside our WAN with SASE, and yet we do it for more critical workloads outside the WAN."

A range of use cases

A zero-trust secure connection has many applications beyond automotive. It's really for any industry that cares about security, and managing that security at scale. Zino says that financial services is a prime instance, with NetFoundry active in the majority of the top US banks. He also cites healthcare and critical infrastructure.

"The problem all these sectors have had is being forced to trade off between security and complexity," he says. "But if you move to a 'secure by design' basis, similar to what happened with DevOps as we shifted left, all of a sudden everything becomes a lot simpler to implement. That's where we have found the most traction so far. If you secure the underlying layer and provide an abstraction that's also secure, with the communication on top, you don't have to worry about all the complicated things like identity authentication and mutual authentication."

Clearly this model is preferable to starting with an inherently insecure network, one whose job it is to deliver packets whether authenticated or unauthenticated. Before long you're bolting a bunch of day-two security on top to compensate for the fact that there are some bad packets in there. A software-based overlay like NetFoundry's adopts the opposite model, in which no packets are allowed on the overlay unless they have been strongly identified, authenticated and authorised. Because what is permitted on the network is defined up front, any device or vehicle trying to talk to a server that it shouldn't be talking to can't even get on the network. The same applies to any kind of critical infrastructure: oil, gas, local government applications, law enforcement, public safety, manufacturing and of course the financial sector.

Drilling down into the example of manufacturing, Zino points out that while it accounts for around 15% of the world's GDP, it is largely 'air-gapped', or at least not very connected. "This will need to change in a future of robotics, edge AI, preventative maintenance, digital twins, energy optimisation. Manufacturing organisations do have to connect outside these days. We work with one of the world's biggest industrial automation leaders, headquartered in Germany. They've built their products to make them zero trust native. So for a manufacturer or a grid operator or anybody deploying their vast array of products, they are doing it via a zero trust connection without having to go and figure out port forwarding, IP addresses, VLANs and VPNs. That always means a mess."

The trick, Zino says, is to let an expert stack take care of all the complicated things below, so you can just focus on getting the applications right and not worry about other elements. If you try to handle the whole infrastructure around the trust issue yourself, you are suddenly deep in identity management, certificates and mutual authentication, and that's the messy part that people too often get wrong. That's usually where the weakness is, rather than in the actual transport encryption protocol. When it comes to identifying the cause of a cyberattack, people are soon blaming the fact that they didn't upgrade, or that somebody misconfigured the system. Naturally bad things are going to happen when it's all a highly complex day-two operation. But it doesn't have to be like that. You don't need to handle it yourself.

Now, according to Zino, NetFoundry is taking everything a step further: "Normally the encryption key stays sovereign to the endpoints, but not in our model," he explains. "Data sovereignty is important, especially when you have clients all over the world. In the EU there's a particular sensitivity around who holds the encryption keys, especially where an organisation is not native to Europe."

The future of networking

On the subject of NetFoundry's future ambitions: "We just want to make the world a more secure place," he says. "We're already working with some very impressive names. That's probably because the motivation to use us is strongest in Fortune 500 banks, in critical infrastructure, in manufacturing. Retail and hospitality are likely future targets. We've always managed to punch above our weight as a startup."

The company's future focus, he believes, is likely to be as much horizontal as vertical, reflecting the reality of modern networking: "We want to be looking at secure networking as part of a wider business transformation initiative. The old days were about building cloud native apps and the lifting and shifting of apps to the cloud, app modernisation, digital transformation. Now it's more about agentic AI, where people want AI and LLMs to be local, sovereign, in their data centre. The data it's talking to is likely to be really sensitive data. You might need it to talk to the rest of the world. People are starting to want an application-specific network, a network that agentic AI uses to talk to its databases where nothing else is allowed on the network. It's quarantined, isolated by design. That's not something you want to be trying to figure out after the fact, let alone building for yourself. This will be a big growth area for us."
