Cybersecurity Leadership

Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag

Zero-trust network implementations can require an entire redefinition of your network architecture, the introduction of new technologies, and the training of both users and IT. Here’s what you need to know when you make your move to zero-trust.

With more layoffs likely in 2023 – as well as many instances of company restructuring, market consolidation and increased employee churn — it is vitally important that organisations are alert to the potential data security risks that these periods of rapid change can bring.

Old perimeter-based defenses can throw up roadblocks to implementing a zero-trust strategy, but a measured, phased approach will see you through.

Businesses that adopt zero trust cybersecurity measures must remember that technology is less important than meeting stakeholders' needs.

Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction.

Why is identity management more difficult in the cloud?

The FIDO Alliance is pushing for smartphones to become the authentication standard as the tech industry presses for new methods. 

With the amount of damage an attack could cause to a company's reputation and bottom line, it makes sense to trust no one.

By Stephen Gailey That's quite a bold statement to open with, particularly given how many different security technologies there are today. Holding one

Achieving a zero-trust framework is a multi-year maturity mindset, one that requires trust and cooperation to ensure that the framework is built on a solid foundation.

Adopting zero trust is no fail safe against cyberattacks. Attackers are constantly finding new ways to get around zero trust, and this often happens because not everything within the organization environment was considered when employing zero trust.

Putting technology first is the biggest mistake you can make with Zero Trust; working with stakeholders is key to success

Ultimately, to defeat identity-based attacks, businesses will want to adopt a “defense in depth” strategy that involves multiple layers of defense and recognizes that identity now plays an outsize role in the attacker playbook

Zero trust is not a product, but a security methodology based on defense-in-depth and least-privileged access concepts.

The identity tools and processes in place today are heavily fragmented and wrought with major gaps.

SaaS applications are, by definition, managed by a third-party and outside the organization’s control. How can organizations regulate access and ensure that applications and data are safe from attacks?

After a decade of work, the FIDO Alliance says it’s found the missing piece in the bridge to a password-free future.

New demands for scale, security and machine learning will support massive proliferation of internet-connected devices.