Aligning Zero Trust with Organizational Governance and Compliance Practices

Logo
Presented by

Alex Sharpe, Principal,Sharpe42

About this talk

Historically, security architectures relied on a castle and moat strategy. We derived a certain amount of comfort knowing our assets were protected inside the castle. We placed a base level of trust in people because they entered the same gates, we did to enter the castle. Post-Covid, the castle is more porous than ever. Enterprises are much more complex, with most revenue driven by digital, and more than half of corporate valuations are derived from intangible, usually digital assets. With about 36 million people working from home at least part-time, our exposure has only increased. Traditional security practices do not work. Zero Trust fundamentally changes the way we view security architectures, how we minimize the blast radius, and how we respond to incidents. This session focuses on not only the philosophy of Zero Trust but, more importantly, how Zero Trust fits into traditional Governance, Risk Management, and Compliance (GRC) practices like the Lines of Defense (LODs), Risk Registers, and RAIC diagrams. The session will begin with an overview of how the game has changed. We will then talk about where Zero Trust fits into your strategy and end with practical guidance on crafting your Zero Trust journey with a list of things you can do today.

Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (868)
Subscribers (54322)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa