SlideShare une entreprise Scribd logo

Zero Trust : How to Get Started

Author : Bernard Wanyama Presented at EOCON 2022 Video of the presentation : https://youtu.be/R461JXLfsbk

1  sur  29
Zero Trust : How to Get Started
1.Overview of Zero Trust
2.Why Does Zero Trust Matter?
3.Principles of Zero Trust
4.Getting Started
5.Conclusion
PLAN
Trust:
Human interactions are guided by the concept of trust
Overview of Zero Trust
Trust but verify.
Overview of Zero Trust
• “Zero Trust Model” was coined by Forrester Research
analyst and thought-leader John Kindervag in 2010
• “never trust, always verify.”
• based on the assumption that risk is an inherent factor
both inside and outside the network.
Overview of Zero Trust

Recommandé

(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to RealityPriyanka Aash
 
NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explainedrtp2009
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architectureHybrid IT Europe
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architectureDenise Bailey
 

Contenu connexe

Tendances

Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfParishSummer
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...BCM Institute
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyFidelis Cybersecurity
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations CenterSiemplify
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Sqrrl
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust ModelYash
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)Ahmed Banafa
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessSirius
 
Upgrade Your SOC with Cortex XSOAR & Elastic SIEM
Upgrade Your SOC with Cortex XSOAR & Elastic SIEMUpgrade Your SOC with Cortex XSOAR & Elastic SIEM
Upgrade Your SOC with Cortex XSOAR & Elastic SIEMElasticsearch
 
Secure Software Development Life Cycle (SSDLC)
Secure Software Development Life Cycle (SSDLC)Secure Software Development Life Cycle (SSDLC)
Secure Software Development Life Cycle (SSDLC)Aymeric Lagier
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMEAlienVault
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceZaiffiEhsan
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & BuildSameer Paradia
 

Tendances (20)

Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
 
Security architecture
Security architectureSecurity architecture
Security architecture
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You Buy
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations Center
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust Model
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to Success
 
Upgrade Your SOC with Cortex XSOAR & Elastic SIEM
Upgrade Your SOC with Cortex XSOAR & Elastic SIEMUpgrade Your SOC with Cortex XSOAR & Elastic SIEM
Upgrade Your SOC with Cortex XSOAR & Elastic SIEM
 
Secure Software Development Life Cycle (SSDLC)
Secure Software Development Life Cycle (SSDLC)Secure Software Development Life Cycle (SSDLC)
Secure Software Development Life Cycle (SSDLC)
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 

Similaire à Zero Trust : How to Get Started

Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...YouAttestSlideshare
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...Duo Security
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...Brian Kelly
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...EC-Council
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
Why Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum SecurityWhy Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum SecurityPriyanka Aash
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtJohn D. Johnson
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxMark Simos
 
Information security challenges in today’s banking environment
Information security challenges in today’s banking environmentInformation security challenges in today’s banking environment
Information security challenges in today’s banking environmentEvan Francen
 
Shadow IT: The CISO Perspective on Regaining Control
Shadow IT: The CISO Perspective on Regaining ControlShadow IT: The CISO Perspective on Regaining Control
Shadow IT: The CISO Perspective on Regaining ControlCipherCloud
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Emrah Alpa, CISSP CEH CCSK
 
What is Zero Trust Cybersecurity?
What is Zero Trust Cybersecurity?What is Zero Trust Cybersecurity?
What is Zero Trust Cybersecurity?Metaorange
 
How to build a cyber threat intelligence program
How to build a cyber threat intelligence programHow to build a cyber threat intelligence program
How to build a cyber threat intelligence programMark Arena
 
Information Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderInformation Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderEvan Francen
 
Zero Trust Best Practices for Kubernetes
Zero Trust Best Practices for KubernetesZero Trust Best Practices for Kubernetes
Zero Trust Best Practices for KubernetesNGINX, Inc.
 
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business EnablerTransforming the CSO Role to Business Enabler
Transforming the CSO Role to Business EnablerCloudPassage
 
Certes webinar securing the frictionless enterprise
Certes webinar   securing the frictionless enterpriseCertes webinar   securing the frictionless enterprise
Certes webinar securing the frictionless enterpriseJason Bloomberg
 

Similaire à Zero Trust : How to Get Started (20)

Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
 
Why Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum SecurityWhy Zero Trust Yields Maximum Security
Why Zero Trust Yields Maximum Security
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptx
 
Information security challenges in today’s banking environment
Information security challenges in today’s banking environmentInformation security challenges in today’s banking environment
Information security challenges in today’s banking environment
 
Risks vs real life
Risks vs real lifeRisks vs real life
Risks vs real life
 
Shadow IT: The CISO Perspective on Regaining Control
Shadow IT: The CISO Perspective on Regaining ControlShadow IT: The CISO Perspective on Regaining Control
Shadow IT: The CISO Perspective on Regaining Control
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
 
What is Zero Trust Cybersecurity?
What is Zero Trust Cybersecurity?What is Zero Trust Cybersecurity?
What is Zero Trust Cybersecurity?
 
How to build a cyber threat intelligence program
How to build a cyber threat intelligence programHow to build a cyber threat intelligence program
How to build a cyber threat intelligence program
 
Information Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderInformation Security For Leaders, By a Leader
Information Security For Leaders, By a Leader
 
Zero Trust Best Practices for Kubernetes
Zero Trust Best Practices for KubernetesZero Trust Best Practices for Kubernetes
Zero Trust Best Practices for Kubernetes
 
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business EnablerTransforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
 
Certes webinar securing the frictionless enterprise
Certes webinar   securing the frictionless enterpriseCertes webinar   securing the frictionless enterprise
Certes webinar securing the frictionless enterprise
 

Plus de EyesOpen Association

COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATIONCOLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATIONEyesOpen Association
 
Ransomware : Challenges and best practices
Ransomware : Challenges and best practices Ransomware : Challenges and best practices
Ransomware : Challenges and best practices EyesOpen Association
 
Gestion des Incidents: prendre le contrôle de votre processus
Gestion des Incidents: prendre le contrôle de votre processus Gestion des Incidents: prendre le contrôle de votre processus
Gestion des Incidents: prendre le contrôle de votre processus EyesOpen Association
 
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...EyesOpen Association
 
Case studies in cybersecurity strategies
Case studies in cybersecurity strategiesCase studies in cybersecurity strategies
Case studies in cybersecurity strategiesEyesOpen Association
 
Internal and External threats to a corporate network : Bypassing perimeter de...
Internal and External threats to a corporate network : Bypassing perimeter de...Internal and External threats to a corporate network : Bypassing perimeter de...
Internal and External threats to a corporate network : Bypassing perimeter de...EyesOpen Association
 
Cybersecurity Competencies and the Future of Work
Cybersecurity Competencies and the Future of Work Cybersecurity Competencies and the Future of Work
Cybersecurity Competencies and the Future of Work EyesOpen Association
 
Approche de sécurisation des identités: Cas de Active Directory
Approche de sécurisation des identités: Cas de Active DirectoryApproche de sécurisation des identités: Cas de Active Directory
Approche de sécurisation des identités: Cas de Active DirectoryEyesOpen Association
 
Cyber threat intelligence avec Open CTI
Cyber threat intelligence avec Open CTI Cyber threat intelligence avec Open CTI
Cyber threat intelligence avec Open CTI EyesOpen Association
 
Le rôle de la sensibilisation et de la formation à la cybersécurité
Le rôle de la sensibilisation et de la formation à la cybersécuritéLe rôle de la sensibilisation et de la formation à la cybersécurité
Le rôle de la sensibilisation et de la formation à la cybersécuritéEyesOpen Association
 
Cyber psychology: Understand your cyber security mental health culture
Cyber psychology: Understand your cyber security mental health culture Cyber psychology: Understand your cyber security mental health culture
Cyber psychology: Understand your cyber security mental health culture EyesOpen Association
 
La sécurité des API: Quand les mauvais élèves entrent en piste.
La sécurité des API: Quand les mauvais élèves entrent en piste.La sécurité des API: Quand les mauvais élèves entrent en piste.
La sécurité des API: Quand les mauvais élèves entrent en piste.EyesOpen Association
 
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entrepriseProgramme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entrepriseEyesOpen Association
 
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique EyesOpen Association
 
Report: Digital Transformation and Application Security Posture in West and C...
Report: Digital Transformation and Application Security Posture in West and C...Report: Digital Transformation and Application Security Posture in West and C...
Report: Digital Transformation and Application Security Posture in West and C...EyesOpen Association
 
Cybersecurity in Mergers and Acquisitions (M&A)
Cybersecurity in Mergers and Acquisitions (M&A) Cybersecurity in Mergers and Acquisitions (M&A)
Cybersecurity in Mergers and Acquisitions (M&A) EyesOpen Association
 
The evolving shape of Cybersecurity landscape in Africa
The evolving shape of Cybersecurity landscape in Africa The evolving shape of Cybersecurity landscape in Africa
The evolving shape of Cybersecurity landscape in Africa EyesOpen Association
 
L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...
L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...
L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...EyesOpen Association
 

Plus de EyesOpen Association (20)

COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATIONCOLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
 
Ransomware : Challenges and best practices
Ransomware : Challenges and best practices Ransomware : Challenges and best practices
Ransomware : Challenges and best practices
 
Gestion des Incidents: prendre le contrôle de votre processus
Gestion des Incidents: prendre le contrôle de votre processus Gestion des Incidents: prendre le contrôle de votre processus
Gestion des Incidents: prendre le contrôle de votre processus
 
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
 
Case studies in cybersecurity strategies
Case studies in cybersecurity strategiesCase studies in cybersecurity strategies
Case studies in cybersecurity strategies
 
CTFaaS pour la cybereducation
CTFaaS pour la cybereducationCTFaaS pour la cybereducation
CTFaaS pour la cybereducation
 
Phishing mails: Bonnes pratiques
Phishing mails: Bonnes pratiques Phishing mails: Bonnes pratiques
Phishing mails: Bonnes pratiques
 
Internal and External threats to a corporate network : Bypassing perimeter de...
Internal and External threats to a corporate network : Bypassing perimeter de...Internal and External threats to a corporate network : Bypassing perimeter de...
Internal and External threats to a corporate network : Bypassing perimeter de...
 
Cybersecurity Competencies and the Future of Work
Cybersecurity Competencies and the Future of Work Cybersecurity Competencies and the Future of Work
Cybersecurity Competencies and the Future of Work
 
Approche de sécurisation des identités: Cas de Active Directory
Approche de sécurisation des identités: Cas de Active DirectoryApproche de sécurisation des identités: Cas de Active Directory
Approche de sécurisation des identités: Cas de Active Directory
 
Cyber threat intelligence avec Open CTI
Cyber threat intelligence avec Open CTI Cyber threat intelligence avec Open CTI
Cyber threat intelligence avec Open CTI
 
Le rôle de la sensibilisation et de la formation à la cybersécurité
Le rôle de la sensibilisation et de la formation à la cybersécuritéLe rôle de la sensibilisation et de la formation à la cybersécurité
Le rôle de la sensibilisation et de la formation à la cybersécurité
 
Cyber psychology: Understand your cyber security mental health culture
Cyber psychology: Understand your cyber security mental health culture Cyber psychology: Understand your cyber security mental health culture
Cyber psychology: Understand your cyber security mental health culture
 
La sécurité des API: Quand les mauvais élèves entrent en piste.
La sécurité des API: Quand les mauvais élèves entrent en piste.La sécurité des API: Quand les mauvais élèves entrent en piste.
La sécurité des API: Quand les mauvais élèves entrent en piste.
 
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entrepriseProgramme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
 
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
 
Report: Digital Transformation and Application Security Posture in West and C...
Report: Digital Transformation and Application Security Posture in West and C...Report: Digital Transformation and Application Security Posture in West and C...
Report: Digital Transformation and Application Security Posture in West and C...
 
Cybersecurity in Mergers and Acquisitions (M&A)
Cybersecurity in Mergers and Acquisitions (M&A) Cybersecurity in Mergers and Acquisitions (M&A)
Cybersecurity in Mergers and Acquisitions (M&A)
 
The evolving shape of Cybersecurity landscape in Africa
The evolving shape of Cybersecurity landscape in Africa The evolving shape of Cybersecurity landscape in Africa
The evolving shape of Cybersecurity landscape in Africa
 
L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...
L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...
L'Art du threat Modeling : Modéliser les menaces informatiques avec la méthod...
 

Dernier

Chapter 20 Firms in IGCSE economics presentation
Chapter 20  Firms in IGCSE  economics presentationChapter 20  Firms in IGCSE  economics presentation
Chapter 20 Firms in IGCSE economics presentationSamandarbekNumonov
 
Present and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the CaribbeanPresent and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the CaribbeanCaribbean Development Bank
 
DAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptxDAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptxFamilyWorshipCenterD
 
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptxONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptxDivyaPatel621561
 
Instructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdf
Instructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdfInstructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdf
Instructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdfaytenfsuc
 
AWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdfAWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdfVladimir Samoylov
 
Partnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the CaribbeanPartnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the CaribbeanCaribbean Development Bank
 
Supporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the CaribbeanSupporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the CaribbeanCaribbean Development Bank
 
Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...Giulio Prisco
 
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptxNinia
 
VAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir ChildrenVAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir Childrendilgpitogo2023
 
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptxTeams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptxKai Stenberg
 
KKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program ConceptKKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program ConceptKarthik Krishna
 

Dernier (14)

Chapter 20 Firms in IGCSE economics presentation
Chapter 20  Firms in IGCSE  economics presentationChapter 20  Firms in IGCSE  economics presentation
Chapter 20 Firms in IGCSE economics presentation
 
Present and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the CaribbeanPresent and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the Caribbean
 
DAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptxDAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptx
 
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptxONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
 
Instructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdf
Instructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdfInstructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdf
Instructional Supervision - By Dr. Cherinet Aytenfsu Weldearegay.pdf
 
AWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdfAWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdf
 
Partnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the CaribbeanPartnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the Caribbean
 
Supporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the CaribbeanSupporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the Caribbean
 
Auditorium Session 1 - Connection - Inclusion
Auditorium Session 1 - Connection - InclusionAuditorium Session 1 - Connection - Inclusion
Auditorium Session 1 - Connection - Inclusion
 
Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...
 
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
 
VAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir ChildrenVAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir Children
 
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptxTeams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptx
 
KKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program ConceptKKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program Concept
 

Zero Trust : How to Get Started

  • 2. 1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 3. Trust: Human interactions are guided by the concept of trust Overview of Zero Trust
  • 5. Overview of Zero Trust • “Zero Trust Model” was coined by Forrester Research analyst and thought-leader John Kindervag in 2010 • “never trust, always verify.” • based on the assumption that risk is an inherent factor both inside and outside the network.
  • 7. 1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 8. Why Does Zero Trust Matter? • The human concept of boundaries or the perimeter • The evolving nature of risk and threats
  • 9. Why Does Zero Trust Matter? The human concept of boundaries or the perimeter
  • 10. Why Does Zero Trust Matter? The human concept of boundaries or the perimeter Change of tactics. Breach from the INSIDE!
  • 11. Why Does Zero Trust Matter? The evolving nature of risk and threats – LANDSCAPE SHIFT
  • 12. Why Does Zero Trust Matter? LANDSCAPE SHIFT – Information & Technology
  • 13. Why Does Zero Trust Matter? Business Challenges: Increased access, attack surface & gaps in visibility
  • 14. 1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 15. Principles of Zero Trust Traditional Zero Trust Move away from • Assumptions • Implicit Trust Move towards • Strong authentication • Context • Explicit Trust
  • 16. Principles of Zero Trust Focuses on protection of data, not on attacks Assumes all environments are hostile and breached No access device until user + device is proven “trusted” Authorize and encrypt all transactions and flows All activity is logged
  • 17. 7 Zero Trust Foundational Rules 1. All data sources and computing services are considered resources. 2. All communication is secured regardless of network location. 3. Access to individual enterprise resources is granted on a per-session basis. 4. Access to resources is determined by dynamic policy. 5. The enterprise monitors and measures the integrity and security posture of all owned and associated assets. 6. All resource authentication and authorization is dynamic and strictly enforced before access is allowed. 7. The enterprise collects as much information as possible about the current state of assets, network infrastructure and communications, and uses it to improve its security posture. Source: NIST Special Publication (SP) 800-207 (2020), Zero Trust Architecture Principles of Zero Trust
  • 18. Principles of Zero Trust Source: NIST SP 800-207 ZERO TRUST ARCHITECTURE
  • 19. Principles of Zero Trust Types of Trust Algorithms • Criteria- versus score-based • Singular versus contextual”
  • 21. 1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 22. Getting Started • What are your ‘crown jewels’? • Where are they? • Who looks after them?
  • 24. Getting Started Users & Devices • MFA • Biometrics • PKI • IoT Apps & Data • Data Classification • DLP • Microservices • APIs • DevSecOps Networks • Microsegmentation • Cloud • SD-WAN • SASE
  • 25. 1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 26. Conclusion • The perimeter no longer exists • Identity and credentials are the new perimeter • Assume breach • Insiders carry the greatest risk – as targets and as threats • Start your Zero-Trust Initiative with Zero-Trust Thinking • Automate & Orchestrate your Security Policy
  • 27. Call to Action Verify, then trust!
  • 28. M E R C I ! T H A N K Y O U ! QUESTIONS ?