How Do I Adopt a 'Zero Trust' Framework? - Deepstash
Metaverse

Learn more about technologyandthefuture with this collection

Find out the challenges it poses

Learn about the potential impact on society

Understanding the concept of Metaverse

Metaverse

Discover 76 similar ideas in

It takes just

10 mins to read

Approach Cybersecurity with Zero Trust Strategies

Approach Cybersecurity with Zero Trust Strategies

  • According to a recent survey conducted by iSMG, 100% of the respondents said that Zero Trust is critical to reducing their cybersecurity risk.
  • 46% said Zero Trust is the most crucial security practice.
  • Another survey by Forrester showed that 78% of security executives plan to raise their use of Zero Trust in 2022.

However, there's an execution problem with Zero Trust.

  • Forrester's survey reports full deployment of Zero Trust at only 6%.
  • 30% said Zero Trust is in partial deployment or production,
  • and 63% are in assessment, strategy or pilot phases.

As a result, many are just planning, not executing.

9

63 reads

Understand the protection surface

It's normal to start risk assessment with attack surface analysis. For example, security professionals look at where the perimeter is, how someone might break in and what method they might use.

With Zero Trust, it is different. The highest value and highest risk users and assets are recommended starting from the data and applications. Consequently, the protective surface is smaller than the attack perimeter and easier to defend.

Prioritise what to protect based on what's critical, then move to the next set of protection surfaces on the priority list.

10

44 reads

Maximizing Visibility

Maximizing Visibility

You can't protect what you can't see. First complete visibility to understand how everything connects and behaves, which is the cause of security gaps or broken workflows.

Once they get complete visibility, they can understand what trust and enforcement policies they need. Then they implement Zero Trust around four enforcement points (identities, devices, networks, applications, and data).

9

23 reads

Building The New Boundary - Micro-segmentation

Data centres traditionally manage networks and surrounding environments by creating a "micro-boundary" in the data centre with a differential segment, meaning only pre-approved traffic flows can pass.

When building a Zero Trust Architecture, the principle is the same, but the network segment and boundary will be much smaller. Consequently, the micro-segmentation policy should be de-coupled from the existing network architecture and have the capability to scale at ease.

The allowed list is based on policy, not IP addresses.

9

21 reads

Aligning Identities

Identity is the foundation of Zero Trust security. It means knowing where all identities originate: user identities, service accounts, application sessions, ephemeral identities, and cloud assets.

Identity-based Zero Trust continually monitors every access request made by all users to any resource in the system. It ensures a thorough audit trail for compliance.

10

21 reads

Reducing Attack Surface

Reducing Attack Surface

Remote workers accessing your network increase the attack surfaces on a new scale. The security team should find ways to reduce the attack surface to minimize exposure.

Internally, a micro-segmentation approach gives a secure 1:1 connection to authorized resources.

We can also apply Zero Trust security outside the organization against external threats by:

  • proactively mapping your digital footprint,
  • monitoring communication channels for attack indicators,
  • rapidly mitigating identified threats (including patching).

10

23 reads

Cybersecurity vs. Cyber-Resilience

Zero Trust models include Google's BeyondCorp, Gartner's CARTA, NIST SP800–207, and ZTX by Forrester. They assume that being compromised is inevitable.

The key difference between Cybersecurity and Cyber-Resilience is the focus of response.

  • In cybersecurity, we have DR/ BCP to ensure organizations can continue operations quickly. Yet, cybersecurity still focus on preventive controls.
  • Achieving cyber-resilience is not the endgame. It is an endless journey. Organizations must prepare for the worst and identify vulnerabilities before adversaries.

9

20 reads

CURATED BY

catherinma

Land/geomatics surveyor

CURATOR'S NOTE

With cybersecurity, the question is no longer only how to keep bad players out. Instead, the priority is how to recover as quickly as possible once an attack occurs.

Ready for the next level?

Read Like a Pro

stash-superman-illustration

Explore the World’s

Best Ideas

200,000+ ideas on pretty much any topic. Created by the smartest people around & well-organized so you can explore at will.

An Idea for Everything

Explore the biggest library of insights. And we've infused it with powerful filtering tools so you can easily find what you need.

Knowledge Library

Powerful Saving & Organizational Tools

Save ideas for later reading, for personalized stashes, or for remembering it later.

# Personal Growth

Take Your Ideas

Anywhere

Organize your ideas & listen on the go. And with Pro, there are no limits.

Listen on the go

Just press play and we take care of the words.

Never worry about spotty connections

No Internet access? No problem. Within the mobile app, all your ideas are available, even when offline.

Get Organized with Stashes

Ideas for your next work project? Quotes that inspire you? Put them in the right place so you never lose them.

Join

2 Million Stashers

4.8

5,740 Reviews

App Store

4.7

72,690 Reviews

Google Play

Ashley Anthony

This app is LOADED with RELEVANT, HELPFUL, AND EDUCATIONAL material. It is creatively intellectual, yet minimal enough to not overstimulate and create a learning block. I am exceptionally impressed with this app!

Sean Green

Great interesting short snippets of informative articles. Highly recommended to anyone who loves information and lacks patience.

Shankul Varada

Best app ever! You heard it right. This app has helped me get back on my quest to get things done while equipping myself with knowledge everyday.

samz905

Don’t look further if you love learning new things. A refreshing concept that provides quick ideas for busy thought leaders.

Giovanna Scalzone

Brilliant. It feels fresh and encouraging. So many interesting pieces of information that are just enough to absorb and apply. So happy I found this.

Ghazala Begum

Even five minutes a day will improve your thinking. I've come across new ideas and learnt to improve existing ways to become more motivated, confident and happier.

Laetitia Berton

I have only been using it for a few days now, but I have found answers to questions I had never consciously formulated, or to problems I face everyday at work or at home. I wish I had found this earlier, highly recommended!

Jamyson Haug

Great for quick bits of information and interesting ideas around whatever topics you are interested in. Visually, it looks great as well.

Read & Learn

20x Faster

without
deepstash

with
deepstash

with

deepstash

Access to 200,000+ ideas

Access to the mobile app

Unlimited idea saving & library

Unlimited history

Unlimited listening to ideas

Downloading & offline access

Personalized recommendations

FAQ

Claim Your Limited Offer

Get Deepstash Pro

Supercharge your mind with one idea per day

Enter your email and spend 1 minute every day to learn something new.

Email

I agree to receive email updates