With the increase in frequency, sophistication, and cost of cyberattacks, the global focus on cybersecurity is at an all-time high. However, the goalposts for those tasked with protecting businesses have shifted. Hackers have a growing number of ways they can compromise a business and are frequently looking to move laterally within an organization, using credentialed (and often elevated) access.

I’ve spoken before about Zero Trust approaches to security, but for many of those starting on their journey, there isn’t an obvious place to start with the model. With this post, I wanted to share an example approach I’ve seen working that many organisations already have in place and can be easily rolled into a larger program of Zero Trust hardening: understanding your Shadow IT.

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.

2020 is likely to go down in history as the year of two pandemics, COVID-19 and cybercrime. Certain types of cybersecurity threats have massively intensified this year. For example, the malware NetWiredRC saw a 200% spike in detection rates in March 2020. COVID-19 has caused a sudden shift to remote working. More employees are now working from their homes than ever before. Remote work en masse exposes organizations to increased levels of threats.

The old security model, which followed the “trust but verify” method, is broken. That model granted excessive implicit trust that attackers abused, putting the organization at risk from malicious internal actors and allowing unauthorized outsiders wide-reaching access once inside. The new model, Zero Trust networking, presents an approach where the default posture is to deny access.

This blog was written by a third party author In today’s ever-changing cybersecurity landscape, Zero Trust is here to stay. Before the concept of Zero Trust was well known, organizations followed the belief that anything within the network is trusted, and anything outside of it is untrusted. Zero trust is built on the idea that all traffic, whether incoming or outgoing, should be inspected, regardless of the source.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cybersecurity in remote work, this week we explore the concept of the Zero Trust model in cybersecurity.

This blog was written by a third party author Zero Trust is a cybersecurity model with a tenet that any endpoint connecting to a network should not be trusted by default. With Zero Trust, everything and everyone— including users, devices, endpoints —must be properly verified before access to the network is allowed.

The increasing adoption of cloud applications and an expanding remote workforce are redefining network security. In a traditional setting, the emphasis was on perimeter-based security—assuming that everything behind the corporate firewall is safe. However, it’s clear that organizations have to rethink the philosophy of implicit trust in a corporate network.