Long-time cyberveteran with the USAF and currently Federal Practice Lead at A-LIGN, Tony Bai and Joe Cortese, Penetration Testing Practice at A-LIGN, navigate the complex future of supply chain security and discuss who should be responsible for supply chain protection.
Lamont Orange, Netskope's Chief Information Security Officer (CISO), talks to Security magazine about how to foster a security-first culture with Security Access Service Edge (SASE) adoption.
In the spirit of building a solid foundation, Zero Trust security has once again come into the forefront. Whie the concept of Zero Trust is not new, the reality is that not enough organizations have adopted those in IT and security, the concept of identity-centric protection isn’t anything new.
Streaming - and really all content creators and consumers - would not have accelerated as it did without that much-needed bandwidth. In much the same way, we see the idea of Zero Trust Network Security, introduced more than a decade ago, needing its own boost for more widespread adoption. That help has arrived in the form of Secure Access Service Edge (SASE), the ideal framework for Zero Trust.
COVID-19 brought with it a massive influx of data, most of it moving from a centralized location to the cloud (and other environments). Now, these businesses are trying to understand how to re-engineer their environment for the next 10+ years, in the advent of Zero Trust, SASE and more. How has COVID-19 impacted the need for cybersecurity consulting, specifically new trends, and Zero Trust? Here, we speak with Todd Waskelis, AVP of AT&T Cybersecurity, who leads AT&T’s cybersecurity consulting services.
Zero Trust Architecture (ZTA) is a trendy term touted by cybersecurity vendors. But there isn’t a single ZTA solution. The architecture is composed of numerous components, that when taken together, form a new paradigm for dealing with cybersecurity that is appropriate in a modern world where corporate enterprises are no longer confined to a well-defined and trustworthy perimeter such as remote working and cloud environments. For reference, the National Institute of Standards and Technology (NIST) has created a very detailed ZTA publication
Microsoft announced they had closed their internal investigation of the SolarWinds attack. The Microsoft Security Research Center (MSRC), which has shared learnings and guidance throughout the Solorigate incident, confirmed that following the completion of their internal investigation, Microsoft has seen no evidence that Microsoft systems were used to attack others. There was also no evidence of access to Microsoft production services or customer data.
With work from home becoming the norm, employees are likely letting their guards down, allowing people in the same household, whether family or visitors, to have access to work-related content. That is why a good cybersecurity strategy starts with people—and a zero trust approach.
With millions of people working from home at present, and likely into the future, the enterprise perimeter has all but dissolved. In the process, organizations are struggling to ensure security in this "zero-trust" and remote era.
Just as you would imagine based on its name, Zero Trust requires authentication of each touchpoint connecting to an organization’s network, aiming to transform it into an impenetrable fortress. Regardless of its benefits, even Zero Trust has its limitations and can create friction unnecessarily, which could have a lasting effect on employee productivity and an overextension of security resources. Are there any alternatives? Is there another remedy that can provide a similar level of security as Zero Trust without the friction? Zero Trust 2.0 is the answer.
