Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

You’ve heard about it. A lot. But there are quite a few nuances when it comes to how Zero Trust security is defined and discussed. Is it a platform or a principle? It’s one of those terms that’s so widely cited that it has the tendency these days to elicit eye rolls within the cybersecurity industry and to be referred to as a buzzword by those sitting at the cool kids’ lunch table.

Today’s guest is Den Jones, who’s Chief Security Officer (CSO) at Banyan Security, a startup Zero Trust network access solution (and a CyberArk technology partner). Jones spent almost 19 years at Adobe, followed by a stop at Cisco, before landing at Banyan in 2021. As his Twitter bio tells it, he’s a “Large Scale Zero Trust Deliverer,” which is part of his multifaceted CSO charge.

Vulnerabilities are only one part of the cloud security story. Misconfigurations are still the biggest player in security incidents and, therefore, should be one of the greatest causes for concern in organizations.

The 18th International Conference on Cyber Warfare and Security gave researchers, policymakers, and security professionals a chance to share findings and ideas. Read the highlights.

“Black Swan” author Nicholas Nassim Taleb once wrote that “intelligence consists in ignoring things that are irrelevant (avoiding false patterns).” Organizations must take this definition to heart as they incorporate Identity Security intelligence – an essential element of any Zero Trust cybersecurity strategy. Many organizations have dedicated Security Operations Center (SOC) teams responsible for their threat detection, investigation and response efforts.

"Crunchy on the outside, chewy in the middle". That's how Google described its perimeter-based security targeted high-profile companies such as Google, Adobe, Akamai, Rackspace, etc., with said primary reason of modifying the source codes. In response, Google initiated a perimeter-less and trustless access control system now popularly known as BeyondCorp. BeyondCorp comes from a realization that VPN perimeter network security is obsolete.

As the world fitfully rebounds from the recent Covid-19 pandemic, both our personal and professional lives will be altered. A recent survey by Gartner revealed that 74% of CFOs and Finance leaders said they will move at least 5% of their previously on-site workforce to permanently remote positions post Covid-19. Organizations will evaluate rent costs, health risks, and productivity benefits in the new environment. Some office space will be released.

Manufacturers are some of the most ambitious firms on the planet when it comes to harnessing the power of edge technology to modernize their businesses. As they make plans in 2023 to enhance business outcomes through the use of technologies such as 5G and IoT, manufacturers should also increasingly be called to innovate in the spheres of governance and cyber risk management.

Late in January this year, the UK’s National Cyber Security Centre announced an update to its Cyber Essentials scheme in order to ensure it “continues to help UK organisations guard against the most common cyber threats”. This year’s update isn’t an overhaul on the same scale as last year’s, but it did include important new guidance about zero trust architectures.