Security News

In this Help Net Security video, Kevin Peterson, Cybersecurity Strategist at Xalient, provides an overview of the early days of zero trust, illustrates where we are today, and offers tips for...

More recently, mergers, acquisitions, and divestitures have surfaced as key use case as companies increasingly look to add or pare down their businesses against the backdrop of a volatile global economic environment, according Chaudhry, Zscaler's chairman and CEO. Speaking at the their recent Zenith Live 2022 event, Chaudhry said Zscaler's cloud-based Zero Trust Exchange platform and underlying technologies have been used in about 300 acquisitions and divestitures over the past three years to reduce the complexity and time involved in merging two networks together or breaking one apart. "I did not think of this use case when I started the company," he told The Register.

In recent years, zero trust security has gained incredible attention from the government, cybersecurity leaders and regulators. Many organisations are still fuzzy on what zero trust means, and how to move forward on adopting the framework.

Even Sanmina customers use varying file sharing tools, creating another data sprawl issue company has to adapt to. He doesn't necessarily call it a worry - he believes Sanmina has it under control - but in such a highly distributed corporate environment, making sure they know here the data is is his largest focus.

Zero trust lets you limit access on an as-needed basis, and with the promise of greater protection, it is on the radar for many organizations. A report released Tuesday by security provider Banyan Security looks at the attitudes and intentions toward zero trust by IT and security professionals.

Okta has completed its analysis of the March 2022 incident that saw The Lapsus$ extortion crew get a glimpse at some customer information, and concluded that its implementation of zero trust techniques foiled the attack - and that its outsourced customer service provider Sitel was largely to blame for the confusion surrounding the incident. Winterford explained that the incident started in January when an Okta analyst observed a Sitel support engineer attempting to reset a password - but did so from outside the expected network range, did not attempt to fulfil a multifactor authentication challenge, and requested the new login details be sent to a Sitel email address managed under Microsoft 365 rather than the expected Okta address managed under Google Workspaces.

Organizations across many industries are in the throes of a journey to implement the zero trust security model to increase their cybersecurity posture. The zero trust model provides a global policy across the organization, which makes it challenging because organizations are typically fragmented, with different departments responsible for different cybersecurity controls.

Illumio released The Zero Trust Impact Report, a research on market perspectives of zero trust strategies and the business impact of segmentation technology. Zero trust is now the standard: 90 percent state that advancing zero trust strategies is one of their top three security priorities this year as a way to improve cyber resiliency and reduce the rising threat of attacks turning into disasters.

Cybersecurity company Illumio as part of their "Zero Trust Impact Report" found that leaders that employ zero trust architecture thwart five major cyberattacks per year, saving their organizations an average of $20 million annually. "Catastrophic breaches keep happening despite another year of record cybersecurity spending," said PJ Kirner, Illumio co-founder and CTO. "I'm shocked that nearly half of those surveyed in The Zero Trust Impact Report do not think a breach is inevitable, which is the guiding principle for Zero Trust, but I am encouraged by the hard business returns Zero Trust and Segmentation deliver."

It is perhaps better to consider the term zero trust architecture - a framework that requires an organization to take steps depending on the priorities of the business and their current security infrastructure. Whilst it's important for organizations to start making the move to zero trust architecture, it is not as simple as adopting a single vendor's capabilities as a comprehensive solution.