Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Zero Trust

Using Zero Trust to Prevent Agency Ransomware Attacks

COVID-19 made moving agency employees and services off-premises essential. This move, however, has also sparked one of the biggest waves of cybercrime the internet has ever seen. Ransomware attacks have been particularly effective against government agencies and critical infrastructure.

Ain't No Mountain High Enough: Achieving Zero Trust For A Mobile Workforce With Art Ashmann (VMware)

Widespread remote work has called for a paradigm shift in how we conduct enterprise cybersecurity. On this week’s Endpoint Enigma, VMware Staff EUC Solutions Engineer, Art Ashmann joins Hank Schless to discuss how mobile and cloud technology have enabled us to manage both work and personal responsibilities from anywhere and what organizations can do to securely take advantage of it.

Start Your Zero Trust Journey With the Gartner SASE Roadmap

Here’s the reality: hybrid and remote work are here to stay. This means access to your corporate data can now come from anywhere, on any device and any network. In order to tackle this new norm, Gartner has defined a new cybersecurity framework called Secure Access Service Edge (SASE).

Zero Trust Architecture Solutions Forum - SANS + Corelight

Security has always been one of the prime concerns for any growing business. In a world where technology is continually evolving, companies are constantly stumbling onto new vulnerabilities. One wrong move in the data management space and companies leave themselves vulnerable to shattering attacks. The increasingly multifaceted landscape means that more groups are turning towards a zero-trust security framework. This approach asks companies to take their security enforcement strategy to the next level and recognize that existing approaches don't offer enough defense.

2022 Predictions #6 - And We'll Call It Zero Trust

Most security professionals have had the principle of least privilege grilled into them from the very beginning of their careers. Giving users the minimum level of access needed to perform their job functions is for the most part an uncontested best practice. Unfortunately, best practices don’t directly translate into wide adoption, and least to their full extent. Over the past few years, or decades really, we’ve seen the ease in which attackers can move laterally and elevate their level of access while exploiting organizations that haven’t followed basic security principles.

Reinventing cybersecurity with a multi-layered approach

The complexity of cybersecurity threats has increased over the years. Additionally, the number of attack surfaces that can be used by cybercriminals has expanded phenomenally with the rise in remote and hybrid workplace models. With such a wide scope of possible cyberthreats, there’s no single solution that can counter them all.

2022 Cybersecurity Predictions - From Ransomware and Supply Chain Risks to Operational Technology and IoT

As we look ahead to 2022, we should pause to reflect on the trends of the past year. Ransomware and supply chain attacks have become two of the top concerns for organizations following a series of high-profile attacks, such as those conducted against Colonial Pipeline, SolarWinds and Kaseya. In 2021, our Project Memoria revealed close to 100 different vulnerabilities in common TCP/IP stacks, affecting hundreds of operational technology (OT) vendors.

It's Time for the U.S. Federal Government to Move (FAST) on Cloud Security and Zero Trust

Executive Order 14028 on Improving the Nation’s Cybersecurity was released in May with nine sections outlining specific focus areas for security improvements. As we noted at the time, Netskope applauded the EO for how it placed significant emphasis on zero trust security adoption, mentioning it no fewer than 11 times, and insisting on proactive action.

Zero Trust with Envoy, SPIRE and Open Policy Agent (OPA)

Enterprises have traditionally relied on perimeter network security to keep attackers out and protect their organizationally unique sensitive data and resources. This approach works on the principle “verify, always trust” wherein authenticated users inside the network are trusted by default and allowed unfettered access. With the shift to cloud-native architecture, perimeter-based defenses have become obsolete and leave systems inherently vulnerable to malicious actors.