SlideShare a Scribd company logo

[Round table] zeroing in on zero trust architecture

D
Denise Bailey

The document discusses the CISO platform's goals in promoting zero trust security through collaborative community resources, including over 300 checklists, frameworks, and playbooks. It outlines key concepts of zero trust architecture, its benefits, and various technology stack components essential for its implementation. Additionally, it references significant frameworks and architectures, such as NIST and Google's BeyondCorp, to guide the transition to zero trust models.

Technology
1 of 12
Downloaded 28 times
1
2
Most read
3
4
5
6
7
8
9
10
11
12
Most read
ZEROING-IN ON ZERO TRUST SECURITY CISO Platform Playbook Roundtable
Build Tangible Community Goods Through Sharing & Collaboration Frameworks, Checklists, Playbooks..
CISO Platform Vision •Build tangible community goods •What our community has achieved: • 300+ check-lists, frameworks & playbooks • Platform for comparing security products • Task force initiatives to solve specific industry problems • Kid’s cyber safety initiatives
Today’s Goal: Build a Tangible Community Good Deliverable: Documented Discussion on Playbook for Zeroing-In on Zero Trust Security Key Discussion Points: ■ Idea of Zero Trust ■ Frameworks e.g. NIST framework ■ Building a Zero Trust Architecture ■ Building Tech stack for transition to Zero Trust Architecture ■ Building Tech stack for directly implementing Zero Trust Architecture
Zero Trust Agenda ■ What is zero trust? ■ Scope, Applicability, Use Cases ■ Readiness Assessment ■ Reference Architecture: Tech Stack
What is zero trust? Why? ■ Security model that assumes no trust in any of the elements in the architecture ■ “Trust but verify” to “Don’t trust always verify” ■ NIST Definition – “Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move network defenses from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet). Authentication and authorization (both user and device) are discrete functions performed before a session to an enterprise resource is established. “
Scope, Applicability, Use Cases ■ Seamless user experience – If implemented right, Zero trust models can create seamless user experience ■ Performance – Zero trust may increase computational load and may decrease performance. However a balance can be achieved through proper design ■ Minimize risk posture ■ Consistent security posture ■ Scalability and extensibility of common security model across all users and systems
Constituents of Tech Stack ■ Tech Stack: There can be multiple elements in the tech stack. Following are some of the components discussed: – Network Segmentation/Micro segmentation Tool – Network Monitoring & Visibility – Cloud workload protection – Trust Verifier or Access Control
Constituents of Tech Stack - Contd.. – Policy enforcer – Correlation/SOC – Automation and orchestration (SOAR) – Device/Identity fingerprinting – Application proxy / gateway
Reference Architecture ■ Google Beyond Corp – One of the pioneers of Zero Trust Network Architecture – https://research.google/pubs/pub43231/ ■ NIST Draft Architecture: NIST 800-207 – NIST recently published a draft reference architecture model – https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207 -draft2.pdf
Reference Architecture - Contd... ■ Approach – Create asset and entity list & compliance requirements – Create access policies – Validate / Threat modelling.. using kill chain – Use any of the above models to build the architecture
Thank You

More Related Content

What's hot (20)

PDF
Zero Trust : How to Get Started
EyesOpen Association
 
PDF
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
PDF
Microsoft Zero Trust
David J Rosenthal
 
PPTX
Zero Trust Network Access
Er. Ajay Sirsat
 
PPTX
Microsoft Defender for Endpoint
Cheah Eng Soon
 
PDF
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
PPTX
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
PPTX
Zero Trust Model
Yash
 
PDF
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
PPTX
The Zero Trust Model of Information Security
Tripwire
 
PPTX
Understanding Zero Trust Security for IBM i
Precisely
 
PPTX
Zero trust Architecture
AddWeb Solution Pvt. Ltd.
 
PPTX
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
PDF
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
PDF
MITRE ATT&CK Framework
n|u - The Open Security Community
 
PPTX
Zero Trust and Data Security
Career Communications Group
 
PDF
Cloud Security Strategy
Capgemini
 
PPTX
Identity and Access Management Introduction
Aidy Tificate
 
PPTX
Data Loss Prevention
Reza Kopaee
 
PDF
VAPT Services by prime
Prime Infoserv
 
Zero Trust : How to Get Started
EyesOpen Association
 
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Microsoft Zero Trust
David J Rosenthal
 
Zero Trust Network Access
Er. Ajay Sirsat
 
Microsoft Defender for Endpoint
Cheah Eng Soon
 
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Zero Trust Model
Yash
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
The Zero Trust Model of Information Security
Tripwire
 
Understanding Zero Trust Security for IBM i
Precisely
 
Zero trust Architecture
AddWeb Solution Pvt. Ltd.
 
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Zero Trust and Data Security
Career Communications Group
 
Cloud Security Strategy
Capgemini
 
Identity and Access Management Introduction
Aidy Tificate
 
Data Loss Prevention
Reza Kopaee
 
VAPT Services by prime
Prime Infoserv
 

Similar to [Round table] zeroing in on zero trust architecture (20)

PPTX
COSAC 2021 presentation - AWS Zero Trust
Frans Sauermann
 
PPTX
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
PPTX
ZERO-TRUST ARCHITECHTURE IN CYBER SECURITY
uu232003
 
PDF
CyberSecurity Meetup - Zero Trust Architecture and Electric Vehicle Cyberrisks
Roger Qiu
 
PPTX
Zero Trust Architecture Zero Trust ArchitectureZero Trust ArchitectureZero Tr...
MohammadShamsuddin16
 
PDF
Zero trust architecture and MIS.pdf
Central Pattana Public Company Limited (CPN)
 
PDF
What Is Zero Trust Architecture and Why Do You Need It.pdf
Mesh Security
 
PPTX
Zero Trust Networks
Practical Code, LLC
 
PPSX
Zero-Trust SASE DevSecOps
Araf Karsh Hamid
 
PPTX
The Importance of Zero Trust Security in Modern.pptx
issahakukuwerej
 
PDF
The 1st Step to Zero Trust: Asset Management for Cybersecurity
nathan-axonius
 
PPTX
SEMINAR ghajkakqkqkvnnkamsmAJAY PPT.pptx
prasanna212623
 
PPTX
Zero trust model for cloud computing.pptx
kkhhusshi
 
PPTX
zerotrustmodelpresentation-200107094517.pptx
niyazhasanov35
 
PDF
zero trust - how to build zero trust.pdf
AliAlwesabi
 
PDF
philip_industry zero trust presentation ppt
JayLewis40
 
PDF
Forrester zero trust_dna
Cristian Garcia G.
 
PPTX
Zero Trust in the Age of AI by Deblohit Bose.pptx
null - The Open Security Community
 
PDF
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
null - The Open Security Community
 
PDF
Zero Trust Networks Evan Gilman Doug Barth
xovaniparpov15
 
COSAC 2021 presentation - AWS Zero Trust
Frans Sauermann
 
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
ZERO-TRUST ARCHITECHTURE IN CYBER SECURITY
uu232003
 
CyberSecurity Meetup - Zero Trust Architecture and Electric Vehicle Cyberrisks
Roger Qiu
 
Zero Trust Architecture Zero Trust ArchitectureZero Trust ArchitectureZero Tr...
MohammadShamsuddin16
 
Zero trust architecture and MIS.pdf
Central Pattana Public Company Limited (CPN)
 
What Is Zero Trust Architecture and Why Do You Need It.pdf
Mesh Security
 
Zero Trust Networks
Practical Code, LLC
 
Zero-Trust SASE DevSecOps
Araf Karsh Hamid
 
The Importance of Zero Trust Security in Modern.pptx
issahakukuwerej
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
nathan-axonius
 
SEMINAR ghajkakqkqkvnnkamsmAJAY PPT.pptx
prasanna212623
 
Zero trust model for cloud computing.pptx
kkhhusshi
 
zerotrustmodelpresentation-200107094517.pptx
niyazhasanov35
 
zero trust - how to build zero trust.pdf
AliAlwesabi
 
philip_industry zero trust presentation ppt
JayLewis40
 
Forrester zero trust_dna
Cristian Garcia G.
 
Zero Trust in the Age of AI by Deblohit Bose.pptx
null - The Open Security Community
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
null - The Open Security Community
 
Zero Trust Networks Evan Gilman Doug Barth
xovaniparpov15
 
Ad

Recently uploaded (20)

PDF
July Patch Tuesday
Ivanti
 
PDF
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
PDF
NewMind AI Journal - Weekly Chronicles - July'25 Week II
NewMind AI
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
Persuasive AI: risks and opportunities in the age of digital debate
Speck&Tech
 
PPTX
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
PDF
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
PDF
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
PDF
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
PPTX
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
PDF
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
PPTX
✨Unleashing Collaboration: Salesforce Channels & Community Power in Patna!✨
SanjeetMishra29
 
PDF
CIFDAQ Weekly Market Wrap for 11th July 2025
CIFDAQ
 
PDF
Predicting the unpredictable: re-engineering recommendation algorithms for fr...
Speck&Tech
 
PDF
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
PDF
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
PDF
Windsurf Meetup Ottawa 2025-07-12 - Planning Mode at Reliza.pdf
Pavel Shukhman
 
PPTX
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
PPTX
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
PPT
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
July Patch Tuesday
Ivanti
 
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
NewMind AI Journal - Weekly Chronicles - July'25 Week II
NewMind AI
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
Persuasive AI: risks and opportunities in the age of digital debate
Speck&Tech
 
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
✨Unleashing Collaboration: Salesforce Channels & Community Power in Patna!✨
SanjeetMishra29
 
CIFDAQ Weekly Market Wrap for 11th July 2025
CIFDAQ
 
Predicting the unpredictable: re-engineering recommendation algorithms for fr...
Speck&Tech
 
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
Windsurf Meetup Ottawa 2025-07-12 - Planning Mode at Reliza.pdf
Pavel Shukhman
 
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
Ad

[Round table] zeroing in on zero trust architecture

  • 1. ZEROING-IN ON ZERO TRUST SECURITY CISO Platform Playbook Roundtable
  • 2. Build Tangible Community Goods Through Sharing & Collaboration Frameworks, Checklists, Playbooks..
  • 3. CISO Platform Vision •Build tangible community goods •What our community has achieved: • 300+ check-lists, frameworks & playbooks • Platform for comparing security products • Task force initiatives to solve specific industry problems • Kid’s cyber safety initiatives
  • 4. Today’s Goal: Build a Tangible Community Good Deliverable: Documented Discussion on Playbook for Zeroing-In on Zero Trust Security Key Discussion Points: ■ Idea of Zero Trust ■ Frameworks e.g. NIST framework ■ Building a Zero Trust Architecture ■ Building Tech stack for transition to Zero Trust Architecture ■ Building Tech stack for directly implementing Zero Trust Architecture
  • 5. Zero Trust Agenda ■ What is zero trust? ■ Scope, Applicability, Use Cases ■ Readiness Assessment ■ Reference Architecture: Tech Stack
  • 6. What is zero trust? Why? ■ Security model that assumes no trust in any of the elements in the architecture ■ “Trust but verify” to “Don’t trust always verify” ■ NIST Definition – “Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move network defenses from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet). Authentication and authorization (both user and device) are discrete functions performed before a session to an enterprise resource is established. “
  • 7. Scope, Applicability, Use Cases ■ Seamless user experience – If implemented right, Zero trust models can create seamless user experience ■ Performance – Zero trust may increase computational load and may decrease performance. However a balance can be achieved through proper design ■ Minimize risk posture ■ Consistent security posture ■ Scalability and extensibility of common security model across all users and systems
  • 8. Constituents of Tech Stack ■ Tech Stack: There can be multiple elements in the tech stack. Following are some of the components discussed: – Network Segmentation/Micro segmentation Tool – Network Monitoring & Visibility – Cloud workload protection – Trust Verifier or Access Control
  • 9. Constituents of Tech Stack - Contd.. – Policy enforcer – Correlation/SOC – Automation and orchestration (SOAR) – Device/Identity fingerprinting – Application proxy / gateway
  • 10. Reference Architecture ■ Google Beyond Corp – One of the pioneers of Zero Trust Network Architecture – https://research.google/pubs/pub43231/ ■ NIST Draft Architecture: NIST 800-207 – NIST recently published a draft reference architecture model – https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207 -draft2.pdf
  • 11. Reference Architecture - Contd... ■ Approach – Create asset and entity list & compliance requirements – Create access policies – Validate / Threat modelling.. using kill chain – Use any of the above models to build the architecture