Sie sind hier

Startseite:Blogs:Putting Zero Trust into Action with Forrester’s Heath Mullins
Juni 27, 2023

Putting Zero Trust into Action with Forrester’s Heath Mullins

Mike Crouse
Forrester Global Governments Zero Trust

Today, securing hybrid workers and the data they need to access is a challenge that faces both government and commercial customers alike. Implementing a true Zero Trust infrastructure, a concept that at its core is built on the premise of not trusting anyone or anything, will go a long way to getting organizations there.

 

Moving from the Zero Trust concept to implementation was the basis of a recent fireside chat I participated in with Forrester Senior Analyst Heath Mullins.

Forrester: Chart Your Course to Zero Trust Intermediate

Report lesen

Many security professionals understand that Zero Trust done right helps protect all aspects of an organization. But getting to that point continues to be a challenge even for businesses and government agencies with ample resources.

Our lively fireside chat went beyond the concepts to discuss tangible steps forward, tackling topics like:

Where to start:

  • Two key places: 1. Understanding network dependencies and 2. Tackling data visibility

How to start:

  • Conduct a thorough assessment to find dependencies
  • Assess what you have: Cloud properties, data centers, remote access users, etc.Doing so will help understand overlap and duplication
  • Sharpen your data visibility (discovery, classification, data tagging, etc.)Data Classification contributes to getting data tagging off the ground

Benefits of micro-segmentation:

  • Gives organizations the ability to see everywhere from cloud to on-prem to hybrid worker
  • Allows for protecting down to the application level
  • Biggest problem with micro segmentation: You have to be a network shop to fully implement

Role of new tools like RBI and CDR

  • 2014 - 15: Started as a way to protect CEO
  • Necessary since attackers have shifted from C-suite to lower-level employees

The shift from point products to platforms

  • In 2013 or 2014, platforms were the focus; didn't work initially because of vendor lock-in fears; trended to best-of breed
  •  Zero Trust paradigm is causing a shift back to the platform side
  • Operationally, it's much easier to train SOC teams on one platform

Role of Analytics in Zero Trust

  • UEBA indicators = Understanding typical behaviors at employee level
  • However, understanding needs to go beyond indicators: engagement with management, co-workers, etc.
  • Did this person access something they're allowed to, but shouldn't or if they're accessing frequently – that could be a red flag

 

To hear more, tune into the on-demand ‘Putting Zero Trust into Action to Secure the Hybrid Workforce’ discussion between me and Forrester Senior Analyst Heath Mullins.

To go even deeper into Zero Trust by digging into Forrester’s ‘Chart Your Course to Zero Trust Intermediate’ report.

Mike Crouse

Mike Crouse is the Director for Enterprise User and Data Protection at Forcepoint Global Governments and Critical Infrastructure. He works closely with industry thought leaders, executives, and the Forcepoint management team to help guide long-term programmatic and technology...

Read more articles by Mike Crouse

Über Forcepoint

Forcepoint ist einer der weltweit führenden Anbieter von Cyber-Sicherheit im Bereich Anwender- und Datensicherheit und hat es sich zur Aufgabe gemacht, Organisationen zu schützen und gleichzeitig die digitale Transformation und das Wachstum voranzutreiben. Unsere Lösungen passen sich in Echtzeit an das Nutzerverhalten an und ermöglichen Mitarbeitern einen sicheren Datenzugriff bei voller Produktivität.
Erfahren Sie mehr über Forcepoint
Inline CSS for Main Menu