2021 will be remembered as the point in time in which cybersecurity decisions mirrored the importance of business decisions. Given the exponential increase in cyber threats due to rapid cloud migration, remote workforces, and the explosion of connected devices, organizations realize they need to have a more proactive response. In both government and commercial organizations, zero trust security frameworks are now a regular topic at the board and leadership levels. Executives are demanding more visibility and control across their networks.
But translating this desire to achieve “zero trust” into action isn’t easy. The Biden administration announced a zero-trust framework for all federal networks and systems, but these same principles apply universally, across industries. We will look carefully at approaches to meet 3 or the 5 basic guidelines of the Office of Management and Budget’s “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles”
· Ensuring complete device inventory: How to go about maintaining an inventory of every piece of network fabric from your on-premise network devices, & hosts to public and private cloud instances.
· Segmenting networks around applications: Discussion on the importance of planning and verifying your network segmentation policies pre-deployment on-premise or to the cloud, and then continuously monitor that required state.
· Discovering internet-accessible applications: Is it possible to understand every possible path into your network from the internet and all accessible assets?