Security News

In this Help Net Security interview, Jenn Markey, Advisor to The Entrust Cybersecurity Institute, discusses the increasing adoption of enterprise-wide zero trust strategies in response to evolving cyber threats. Two-thirds of organizations featured in the 2024 State of Zero Trust & Encryption study cited cyber-risk concerns as the main drivers for implementing a zero-trust strategy.

The risk of a cyber breach is the number one global driver for zero trust strategy implementation, according to Entrust. "This means that implementing a zero trust security practice is an urgent business imperative - and the security of organizations' and their customers' data, networks, and identities depends on it."

ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform-the core component of the Windows Firewall-directly into client devices. Jake Williams, VP of research and development at consultancy Hunter Strategy, said the union of these previously disparate engines would allow updates to be made to the Windows firewall on a per-domain name basis.

A fourth quarter 2023 Gartner survey of 303 security leaders whose organizations had already implemented or are planning to implement a zero-trust strategy found that 56% of organizations are primarily pursuing a zero-trust strategy because it's cited as an industry best practice. "For most organizations, a zero-trust strategy typically addresses half or less of an organization's environment and mitigates one-quarter or less of overall enterprise risk."

Organizations are leveraging zero trust to enhance the safety, security, and reliability of their enterprise across IT and OT environments, according to Xage Security. Zero trust security implementation in industrial sectors.

The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls...

The National Security Agency is sharing new guidance to help organizations limit an adversary's movement on the internal network by adopting zero-trust framework principles.The NSA released today zero-trust guidance for the network and environment component, which comprises all hardware and software assets, non-person entities, and inter-communication protocols.

Unlike conventional systems that often rely on perimeter defenses, zero trust adopts a more discerning philosophy, treating every user, device, and transaction as untrusted by default. In this Help Net Security round-up, we present segments from previously recorded videos in which cybersecurity experts emphasize the importance of zero trust in the context of cybersecurity, underscoring its crucial role in mitigating the risks posed by cyber threats and evolving attack vectors.

It's vital the credentials stored within are kept secure - so how can we apply zero trust principles towards keeping our Active Directory secure? Password reset processes are often a point of vulnerability in an organization's Active Directory security, especially when they involve sending a reset link or code to the user's email or phone.

You've probably heard it before: zero trust is not a single product, but a security strategy that follows the principle of "Never trust, always verify". Implementing zero trust means an overall change in technology and architecture, and doing it one step at the time.