Dr. Chase Cunningham, a recipient of Security magazine's Most Influential People in Security, has joined Ericom as its Chief Strategy Officer. In this role, he will shape the company's strategic vision, roadmap and key partnerships. Dr. Cunningham previously served as vice president and principal analyst at Forrester Research, providing strategic guidance on Zero Trust, artificial intelligence, machine learning and security architecture design for security leaders around the globe.

As organizations continue to adapt to life in the age of COVID-19, smartphones are set to take on additional responsibilities – even as the security limitations of these devices become ever more evident. Below, I’ve highlighted five key trends that are set to shape mobile security in 2021.

One Identity released global survey results that revealed that 37% of IT professionals rated rapid changes in their AD/AAD environment as the key impact of COVID-19 on their organization’s identity management team. Given the unique challenges of the sudden shift to remote work amidst COVID-19, businesses should look toward integrating AD/AAD with a strong privileged access management (PAM) solution in order to harness the full value of AD and AAD, dramatically increasing the security of their IT environments.

One lesson that is underscored by the disruption of COVID and the resulting transformation of business operations is the importance of IT modernization. Here, we know that business leaders understand its significance, but we also see evidence that failing to embed security into the strategies and plans for IT modernization may be a difference-maker.

Content-centric solutions that evaluate each message based on how likely it is to be bad create a gap through which identity-based email attacks can slip. A zero-trust email security model is vital to closing that gap. Zero-trust may also be characterized as zero-assumption.

Basketball can teach us a lot about managing the cybersecurity of an enterprise: it takes teamwork. This is perhaps most evident as organizations seek to adopt zero trust principles. The zero trust concept is not new, but I hear more organizations discussing it than ever before — driven by a desire for greater security, more flexible access, and accelerated by the shift to remote work due to COVID-19. At its core, zero trust focuses on providing least-privilege access to only those users who need it. Put it this way: don't trust anyone and even when you do, only give them what they need right now. This security philosophy would make Jordan proud, but in that vein, zero trust would not work without another player: identity management (perhaps it’s the Pippen factor!).

​​​​​​Between distributed workforces and scattered schedules, there’s no doubt the work environment has faced enormous disruption over the past few months, forcing enterprises to modernize their security measures. The solution? Jason Soroko, Chief Technology Officer (CTO) at Sectigo, believes it's a Zero-Trust Security Strategy. Here we talk to Soroko about the importance of a zero-trust strategy, especially during the ongoing COVID-19 pandemic. 

New research finds that the main difference between those who were successful in moving their Zero Trust initiatives forward were those that started out with formalized Zero Trust projects. Those that had dedicated budgets and formal initiatives (69%) were far more likely to continue accelerating those projects throughout the pandemic, while those that had ad hoc Zero Trust projects were more likely to stall progress or stop entirely.   

Today, Zero Trust is the subject of much discussion and debate; for instance, is Zero Trust doable in reality or more so in theory?  As many are aware, Zero Trust is a concept that deems everyone (employees, freelancers and vendors) and everything (datacenters, applications and devices) must be verified before being allowed into a network perimeter – whether they are on the inside or the outside of an organization.

Organizations may consider adopting an adaptive risk-based trust approach to securing their privileged access. This approach uses least-privilege, zero-trust as a baseline for how organizations build trust scores which will then be used to determine the level of security which is required to gain access to the cloud, and specific applications and systems.