‘Verify Everything’: Cyber Pro Outlines ‘Zero Trust’ Model



Dan Gunderman
04/05/2018

This May, IT security practitioners will be participating in the inaugural Cyber Security Digital Summit. The three-day event will be held online – thus making access simple and free.

You can even access event materials from the comfort of your desk. That offer’s just too good to pass up – especially as the threat landscape transitions week-over-week.

When should you mark your calendars? The Summit will be held May 8-10, 2018. Each featured cyber professional will offer trending, cutting-edge content to an eager audience.

The attached benefits of the Summit really hearken back to the threat landscape. What better way to stay on top of the evolving threats, than participating in an event aimed at assisting the cyber security practitioner’s daily workflow?

Plus, with the oversaturation of media content – sometimes alarmist – warning CISOs against movement here, and precautions there, it’s tough to glean useful information. The Digital Summit, however, will provide just that – ultimately allowing for safer controls in your own enterprise.

As we’ve mentioned before here at the Cyber Security Hub, there are a number of variables in today’s security discussion. The result: a patchwork system that could leave you vulnerable to a data breach/exfiltration. In the May event, cutting-edge sessions and in-depth panels will light the way.

After the fact, registrants will be able to access downloadable content. Also, during the sessions, attendees can submit questions (in real time) to the security pros.

The ‘Zero Trust’ Model

On Wednesday, May 10 from 12 – 1 p.m. EDT, Giacomo Collini, Director of Information Security for King.com (“Candy Crush”), will be presiding over a session called “Exploring Zero Trust as the Model for Future Cyber Security.”

As described, Zero Trust is a security concept centered on the belief that an organization should not automatically trust anything inside or outside its perimeters, and instead, must verify anything and everything trying to connect to its systems before granting access.

In the session, Collini will be breaking down this security model – and how it could be vital as companies move from physical offices to digital and remote employees. Collini will also discuss the presence of physical spaces on the IT infrastructure, plus the role of the cloud and the business value of the model.

See Related: Preparation & Response Chain: CISO Takls Enterprise Readiness

Collini told the Cyber Security Hub that "Zero Trust is key to enable companies to transition to a pure cloud environment."

He continued: "It requires a holistic approach and it doesn't admit mistakes. Layered controls still make sense but they must be carefully designed to avoid unnecessary complexity, loss of focus and hidden cracks."

According to Palo Alto Networks, which goes into some depth about the model, the concept was first introduced by the analyst firm Forrester Research. Palo Alto writes that the conventional security model assumes that everything inside the network is trustworthy. But the attack plain has experienced seismic shifts.

Threats that get inside, the network continues, are left invisible, uninspected and free to morph. Zero Trust, however, is based on the motto: “Never trust, always verify.” It’s “designed to address lateral threat movement within the network by leveraging micro-segmentation and granular perimeters enforcement, based on user, data and location.”

Curious? Learn more about this innovative strategy on May 10, from 12 – 1 p.m. EDT, with King.com’s Collini.

In Closing…

Prospective attendees to the Summit can also view a curated Resource Library, which contains Cyber Security Hub’s most popular content – from articles to long-form reports.

Wherever you are in the cyber security journey, the Digital Summit can help you develop a blueprint for resiliency. To register, visit http://register.cshub.com/-cyber-security-digital-summit/. It’s quick, easy and free! You can sign up for the entire week or selected sessions on one simple registration page.

Be Sure To Check Out: Encryption & Controls: Reducing Insider Threats In Healthcare