George WilkesJuly 4, 2022
PODCAST: Is Zero Trust Security a Buzzword or a Breakthrough?
The Zero Trust security conversation is filled with imitators, pretenders, acronyms and jargon. So how do you navigate through the hype? The simple truth is Zero Trust is secure access built on these key principles: zero implicit trust, identity and context aware, least privilege access and full coverage and visibility.
On this Zero Trust Thirty podcast episode, Dr. Chase Cunningham, aka Dr. Zero Trust, and Jason Garbis, co-author of Zero Trust Security: An Enterprise Guide, tackle the question: Is Zero Trust security merely a buzzword or is it a real cybersecurity breakthrough?
Listen to the full episode below to hear Chase and Jason walk through a mock scenario of how they would counsel a company looking to Zero Trust to shore up its security strategy plus get insights on:
- Why Zero Trust has picked up serious momentum but there’s still skepticism and confusion around the term
- Where is the market leading people astray and what’s are the real benefits of Zero Trust that people should buy into?
- Why Zero Trust security isn’t a silver bullet. (Hint: because it’s a strategy, not a solution)
- Common misconceptions about Zero Trust security
- How security teams can build a bridge with business operations to create a safer organization
Tips for starting a Zero Trust security journey
Ultimately, Zero Trust means moving your cybersecurity strategy from a “trust, then verify” to a “verify, then trust” posture when it comes to granting user-to-user and resource-to-resource access. Here’s how Chase and Jason suggest you get started:
- Find reputable Zero Trust resources. Remember, this is more about strategy than technology. Read up on fundamentals like National Institute of Standards and Technology’s Special Publication 800-207 or books like Zero Trust Security: An Enterprise Guide or watch on-demand: The Four Stages of Zero Trust Maturity
- Have a strategic objective. It’s easy to get lost in the sea of solutions that is the Zero Trust market, and many provide great value. You need to also have a clearly defined goal to work toward, or else the technology aspect won’t help you.
- Start small. Identify some pain points your users are dealing with or friction that’s preventing your organization from advancing. A narrowly scoped project—like securing a high-value asset or killing a virtual private network (VPN)—is the way to start your Zero Trust journey. Boiling the ocean won’t work. You’re in this for the long haul.
You can learn more about Zero Trust security by diving into additional these resources: