As one embarks on a zero trust journey, it's best to start with a network approach, according to Amit Basu, who is vice president, chief information officer and chief information security officer at International Seaways, a New York-based tanker company.
In this edition, four ISMG editors discuss important cybersecurity issues, including how virtual currency Monero is becoming the main alternative to Bitcoin as the crypto choice for criminals, the challenges involved in an identity-centric Zero Trust approach and how to influence change in culture.
How does one decide the right approach to zero trust, and what are some important considerations to keep in mind? A panel of experts - Brett Winterford, Chirag Joshi and Jay Hira - share their in-depth views and discuss issues including how to take an identity-centric zero trust approach.
Lynn Peachey, the director of business development at Arete Incident Response, says that insurance companies have made "a pretty quick turnaround in terms of trying to respond to the ransomware epidemic." She discusses the changes they are making, which include leveraging data quantification.
While zero trust as a strategy is meant for every organization, attaining 100% zero trust is not, says Jay Hira, director of cyber transformation at EY in Sydney.
During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.
The Cybersecurity Executive Order requires every federal agency to adopt zero trust, and OMB published an updated Federal Zero Trust Strategy in Memorandum M-22-09. It outlines three Identity goals that every agency must achieve by the end of fiscal year 2024.Download this whitepaper to learn how you can quickly...
If there are two words federal cybersecurity experts hear most frequently today, they are probably “zero trust.” Not only are there plenty of mandates and other requirements to move in that direction, but there are practical reasons as well. It reduces agency risk; provides better control over access, assets and...
Zero Trust Network Access (ZTNA) is one of the biggest concepts in cybersecurity, and for good reason – it’s one of the most secure and reliable ways to protect critical assets, like systems, networks, applications, and data, from bad actors or inappropriate user access.
Use this Zero Trust checklist as a...
Keeping up with myriad data privacy and information security regulations has never been easy. Security mandates are complicated and constantly evolving. Adding to the complexity: organizations often face deadlines to meet compliance objectives – and fast.
Across industries and regions, compliance frameworks...
The adoption rate for software as a service (SaaS) has grown dramatically. However SaaS applications tend to be siloed, and that has made managing user access and authorization an increasing challenge. The task of onboarding users is a time-intensive, manual process that involves administrators across multiple...
The Cybersecurity Executive Order requires every federal agency to adopt zero trust, and the CISA Zero Trust Maturity Model aids the transition. It shows five pillars of zero trust, and the first is Identity.
Download this whitepaper and learn why zero trust begins with identity, and how to quickly achieve optimal...
Now more than ever, organizations are turning to a zero trust strategy to secure their data and systems. Regardless of size or sector, zero trust is essential to any business in the wake of COVID-19. And high-profile breaches, cloud migration and an ever-expanding attack surface mean that a shift in approach is...
Two trends that have only grown over the past two years: Hybrid workforce and adoption of the zero trust architecture. Peter Newton of Fortinet shares how zero trust network access is now key to helping ensure security with workers now balancing on-premise and remote work.
Sri Lanka-based Sujit Christy, group CISO at John Keells Holdings PLC, says his passion is empowering security practitioners with the right skills and knowledge and ensuring they speak the right language. He discusses cybersecurity adoption and enablement.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.