Moving to Zero Trust – One Step at a Time
In the old days, most corporate IT environments established trust mostly as a function of location and the physical world. Today, this is meaningless. Traditional perimeters have eroded, and security teams are faced with the task of establishing trust in an inherently untrustworthy digital world with little to no relation to the physical world and its boundaries. What’s more, the emphasis on Zero Trust makes it seem that there’s a product or check box to get there, instead of seeing Zero Trust as the end goal to which we constantly weigh options, innovate, and reduce trust to achieve, whether we get there in the end or not.
In this webinar, cybersecurity experts Sam Curry CSO at Cybereason and Hector Monsegur Corporate Pen-tester and Expert Security Reseacher with rThreat examine the continuum that runs from Zero Trust to complete trust, and the changing implication tradeoffs in risk and business terms throughout. For practical reasons, the Zero Trust ideal of “never trust, always verify” has evolved into something more nuanced, dynamic – and achievable. You’ll learn how incremental steps toward Zero Trust can pave a more realistic path, one that for now moves us to the least trust needed to align what the business needs and what keeps it secure. Perfection is the enemy of the good.
Discussion will include:
- The trust continuum: Balancing trust, risk, and user needs
- Practical problems with moving from “trust” to “Zero Trust” too quickly
- Steps to least trust – meeting the needs of the business while keeping it secure