Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

ntxissacsc5

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to comment

  • Be the first to like this

Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins

  1. 1. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Zero Trust A New, More Effective Approach to Security Ed Higgins, CISSP, CISM, CGEIT Security and Compliance Specialist Catapult Systems November 11, 2017 1 Increase Your Business Agility By Adopting Zero Trust
  2. 2. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 “Legacy, perimeter-centric models of information security are of no use in today’s digital businesses, as they are no longer bounded by the four walls of their corporation.” 2 ~Forrester Research
  3. 3. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 The Challenge 3 Finding qualified security staff Mapping requirements to solutions Managing numerous silo security solutions Data is more mobile than ever Perimeter Security has Failed to Adapt
  4. 4. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Data is More Mobile than Ever 4
  5. 5. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Workstations The “Jewels” Server The Perimeter Model (And it’s Fatal Flaw) • Hard outer shell (the untrusted zone, the DMZ , the other zones 5 • Inner (gooey) center of trusted systems with relaxed firewall rules and implicit trust. • Trust Thy Neighbor? • Assume there’s no malware • Assume there’s no malicious users • Assume there’s no already compromised users • No, Thank you!
  6. 6. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Mapping Requirements to Solutions 6
  7. 7. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Silos of Security Tools 7
  8. 8. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Staffing Security Experts 8
  9. 9. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Along the Attack Kill Chain: Advanced Persistent Threat 9
  10. 10. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Along the Attack Kill Chain: Low to High Privilege Lateral Movement 9
  11. 11. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Tenants of Zero Trust Access must be earned by all devices every time 1 Ensure all data and resources are accessed securely 2 User and device location should not decrease security 3 Least-Privileged Access and strictly enforced access controls 4 Log everything to an immutable destination 5 11
  12. 12. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Why a new approach? Compromised identity is the root of most breaches Low privileged accounts are exploited to move laterally from device to device, then escalate to high privileges to accomplish mission Most organizations address North / South threats, but not East / West Cloud apps, mobile users, laptops, work from home, B2C, and B2B all span the firewall which leads to blind spots and shadow IT 12
  13. 13. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Control Framework Encryption at rest & transit Firewall & System Mgmt Intrusion Detection / Prevention Logging Activity Monitoring Access & Identity Control Web Servers Database Servers Cloud Services Mobile On-Prem Users Remote Users Partners 13
  14. 14. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Mental Exercise What would you do differently if every user was always on BYOD mobile? 14
  15. 15. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Advantages of Applied Zero Trust Makes lateral breach movement harder Users get a unified experience Add consistent security controls for all endpoints Removes complexity of solving for both on-prem and external access Security is persistent, even if data is shared externally Removes need for certain complexities such as DMZ and VPN in many scenarios Enables Digital Transformation by removing security inequity Say “Yes” More 16
  16. 16. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Collin College North Texas ISSA (Information Systems Security Association) Thank you 17 Ed Higgins, CISSP, CISM, CGEIT Security and Compliance Specialist Catapult Systems Ed.Higgins@CatapultSystems.com 972-571-8808

×