"Never trust, always verify" is the basis of zero trust. However, as long as the alphanumeric password is being used, no network can genuinely claim it is compliant with that principle. While random password generators within browsers and stricter password policies have slightly improved security, they don't solve the...
The rapid shift to remote working early in the pandemic and the discovery of serious new flaws such as Log4j have driven criminals to continue probing "what's vulnerable, and how to exploit it," says Casey Ellis, CTO and founder of Bugcrowd. Here's how he recommends organizations respond.
It's been a year since President Biden's executive order that called out zero trust as a primary focus. Richard "Chit" Chitamitre of Corelight discusses the prevalent misunderstandings about zero trust, as well as use cases for how to embrace the framework and make measurable progress along the way.
Anneka Gupta, chief product officer at Rubrik, discusses embedding zero trust principles into how the security company provides data resilience, data observability and data recovery for organizations. She also describes the "software-first" approach of building immutability directly into software.
The Biden executive order on cybersecurity was a catalyst for action, with tight delivery times for steps including promotion of SBOMs and zero trust. The cyber-physical nexus and expanding threat surface mean it's not easy to maintain vigilance, but recognizing that is the first step.
The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.
A Zero Trust strategy means there are no trusted users or assets, everything is checked and verified before access is granted for a limited time. This guide will help you and your team establish the right environment for a successful Zero Trust program.
Discover how you can accelerate digital transformation and master your remote security strategy with the Gartner® Market Guide for ZTNA. Dive into the benefits, recommendations and new key findings in a detailed market analysis.
Read the guide today and learn:
How to Evaluate ZTNA Offerings
The Critical Role...
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
Tired of keeping track of passwords? Recent announcements by major platform vendors Google, Apple and Microsoft could have passwords down for the count in the next six years, says Andrew Shikiar, executive director of the FIDO Alliance, which has been on a 10-year mission to eliminate passwords.
Cloudflare sees opportunity in the growth of zero trust and is integrating recent email and cloud security acquisitions with native data security and network discovery capabilities. "I like the fact that we can grow in both directions," says company CEO Matthew Prince.
Hardware firewall VPNs of yesterday simply cannot protect workers beyond the traditional perimeter. This leaves a major security gap for today’s modern organization in a continuing effort to reduce external threats and protect remote employees.
The answer? Zero Trust Network Access (ZTNA). Don’t leave your...
Evolving to a zero trust architecture can be overwhelming for organizations, leaving many unsure of where they should even start. Cloudflare Chief Security Officer Joe Sullivan urges CISOs to break the journey into bite-sized chunks that can be easily digested.
In the latest weekly update, Jeremy Grant, coordinator of the Better Identity Coalition, joins three editors at ISMG to discuss important cybersecurity issues, including where we are with passwordless, if we are getting closer to a U.S. federal privacy law, and next-gen authentication technologies.
Organizations have created significant security challenges by rapidly migrating applications, data and workloads to multiple public clouds over the course of the COVID-19 pandemic, according to Abbas Kudrati of Microsoft and Upendra Singh of HCL.