Access Management , COVID-19 , Critical Infrastructure Security
Building Business Resilience Through 'Zero Trust'
Panel Discusses Essential Components of the ModelBuilding business resilience through a "zero trust" approach requires role-based authentication, user access velocity checks and monitoring people, processes and technologies, a panel of experts says.
See Also: The State of Organizations' Security Posture as of Q1 2018
"The 'zero trust' architecture needs to deploy an identity-based authentication approach, moving from passwordless authentication into using tokens and biometric methods to ensure frictionless security," says Singapore-based Gautam Aggarwal, senior vice president, operation and technology, and APAC regional CTO at Mastercard.
Another panelist, Singapore-based Robert Poh, director Asia, Financial Services Information Sharing and Analysis Center, says re-defining the access policies to build a single authentication platform and enhance monitoring capabilities also is critical.
Philippines-based Maria Filomena Gibe, CISO and DPO, City Savings Bank, adds: "The drive towards implementing a 'zero trust' framework starts with ensuring the tablets used by the business groups are secured with mobile device management, combined with authentication and authorization of the device."
The panel discussion was featured at Information Security Media Group's recent Cybersecurity Virtual Asia Summit: Financial Services.
In this video, the three experts address:
- Moving from a "castle and moat" security architecture to the "zero trust" model;
- Addressing the people, process and technology components in building business resilience;
- Using an identity-based approach to "zero trust."
Aggarwal is the regional CTO at Mastercard, responsible for leading network technology and service operations in the Asia Pacific. As a member of Mastercard's AP leadership team, he is spearheading Mastercard's $1 billion in technology investments across Asia as well as the company's real-time payments infrastructure hub.
Poh serves as director, Asia, for FS-ISAC based in Singapore. He is responsible for facilitating relationships with members and partner organizations in the region.
In addition to serving as CISO at City Savings Bank, Gibe is also the DPO and CSO. She has been working in the banking industry for 31 years, with 12 years focused on information security.