Dr. Chase Cunningham, a leading cybersecurity expert and originator of Forrester’s ZTX Zero Trust Extended Framework, shares the latest cybersecurity and Zero Trust news that executives need to know.
Weekly Summary (9/13/2021): TCISA’s now public draft for their version of a Zero Trust Maturity Model aims to help agencies develop their Zero Trust strategies and implementation plans. Its major tenet is to “prevent unauthorized access to data and services coupled with making the access control enforcement as granular as possible.” In non-government terms, Zero Trust shifts from a location/network-centric model to a more data-centric approach for fine-grained security. This makes a lot of sense and is the prescribed model that the DoD has been reviewing for a long time. But while securing the cloud can be difficult, especially in the behemoth that is the government cloud system, it’s a very solvable problem. The industry has the tools, and we know how to do this correctly. And the cloud is the “final frontier” of where we can fully implement a greenfield ZT infrastructure, but we must be strategic and programmatic to get it right. It is fair to say that moving to Zero Trust is non-trivial. CISA states, “it requires a change in an organization’s philosophy and culture around cybersecurity. The path to Zero trust is a journey that will take years to implement.” I couldn’t agree more.
Cyber News and Zero Trust Podcast: Subscribe to Chase’s podcast channel to hear him and his guests discuss the latest cybersecurity news. Click here to listen on Spotify. Click here to listen on iTunes.
YouTube Conversation: Why is data security so damn hard?: Listen to Dr. Chase Cunningham’s (aka Dr. Zero Trust) conversation with the team at Nullafi about why data security is hard, what we should be doing, and how this space is evolving as threats evolve. Click here to watch on YouTube.
Oklahoma CISO says pandemic accelerated zero-trust implementation
Oklahoma statewide CISO Matt Singleton said the health crisis encouraged his team to accelerate its implementation of zero-trust identity management.Read More
Making Zero Trust Real
What is Zero Trust and how can it be applied in an Active Directory world? This video explains how it changes how security is perceived.Watch Video
Air Force develops maturity model for zero trust across the department
The Air Force is developing a maturity model to help broaden its implementation of zero-trust principles in the foundation of its network architecture.Read More
The importance of a zero trust-based approach to identity security
97 percent of senior security executives say attackers are increasingly trying to steal one or more types of credentials, a CyberArk survey reveals.Read More
'Zero Trust': An Outdated Model?
According to Cyjax CISO, the zero trust is not aligned to the agility and the ability to collaborate" that businesses want today. It's a dated artifact of the past.Read More
How Cisco Implemented Zero Trust Security during the Pandemic
Speakers Bassem Khalife, Member of Technical Staff, Cisco Raj Kumar, Architect – Information Security, Cisco discuss Cisco's Zero Trust Journey.Read More
Zero Trust for Data
Data secured with strong enough encryption, is almost impossible to break without huge computing resources and effort. But, what makes encryption powerful is its downfall.Read More
5 tips for implementing a zero trust model
As attackers increasingly target less traditional users, accounts and assets, organizations should consider such a zero trust model to tighten security, says CyberArk.Read More
Why 2021 Is the Year for Zero Trust Security
Bad actors and market forces call for a zero-trust approach to security, making identity your new perimeter.Read More