EyesOpen Association, profile picture
Uploaded byEyesOpen Association
258 views

Zero Trust : How to Get Started

The document provides an overview of the zero trust security model, emphasizing the need for verification and protection in an evolving risk landscape. Key principles include strong authentication, dynamic policy enforcement, and the focus on securing data rather than trusting networks. Getting started involves identifying critical assets, governance, and implementing security controls across users, devices, and networks.

Embed presentation

1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
Trust: Human interactions are guided by the concept of trust Overview of Zero Trust
Trust but verify.
Overview of Zero Trust • “Zero Trust Model” was coined by Forrester Research analyst and thought-leader John Kindervag in 2010 • “never trust, always verify.” • based on the assumption that risk is an inherent factor both inside and outside the network.
Overview of Zero Trust
1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
Why Does Zero Trust Matter? • The human concept of boundaries or the perimeter • The evolving nature of risk and threats
Why Does Zero Trust Matter? The human concept of boundaries or the perimeter
Why Does Zero Trust Matter? The human concept of boundaries or the perimeter Change of tactics. Breach from the INSIDE!
Why Does Zero Trust Matter? The evolving nature of risk and threats – LANDSCAPE SHIFT
Why Does Zero Trust Matter? LANDSCAPE SHIFT – Information & Technology
Why Does Zero Trust Matter? Business Challenges: Increased access, attack surface & gaps in visibility
1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
Principles of Zero Trust Traditional Zero Trust Move away from • Assumptions • Implicit Trust Move towards • Strong authentication • Context • Explicit Trust
Principles of Zero Trust Focuses on protection of data, not on attacks Assumes all environments are hostile and breached No access device until user + device is proven “trusted” Authorize and encrypt all transactions and flows All activity is logged
7 Zero Trust Foundational Rules 1. All data sources and computing services are considered resources. 2. All communication is secured regardless of network location. 3. Access to individual enterprise resources is granted on a per-session basis. 4. Access to resources is determined by dynamic policy. 5. The enterprise monitors and measures the integrity and security posture of all owned and associated assets. 6. All resource authentication and authorization is dynamic and strictly enforced before access is allowed. 7. The enterprise collects as much information as possible about the current state of assets, network infrastructure and communications, and uses it to improve its security posture. Source: NIST Special Publication (SP) 800-207 (2020), Zero Trust Architecture Principles of Zero Trust
Principles of Zero Trust Source: NIST SP 800-207 ZERO TRUST ARCHITECTURE
Principles of Zero Trust Types of Trust Algorithms • Criteria- versus score-based • Singular versus contextual”
Principles of Zero Trust
1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
Getting Started • What are your ‘crown jewels’? • Where are they? • Who looks after them?
Getting Started Governance Policy Automation & Orchestration Security Controls Talent & HR
Getting Started Users & Devices • MFA • Biometrics • PKI • IoT Apps & Data • Data Classification • DLP • Microservices • APIs • DevSecOps Networks • Microsegmentation • Cloud • SD-WAN • SASE
1.Overview of Zero Trust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
Conclusion • The perimeter no longer exists • Identity and credentials are the new perimeter • Assume breach • Insiders carry the greatest risk – as targets and as threats • Start your Zero-Trust Initiative with Zero-Trust Thinking • Automate & Orchestrate your Security Policy
Call to Action Verify, then trust!
M E R C I ! T H A N K Y O U ! QUESTIONS ?
Resources Microsoft Assessment https://www.microsoft.com/en-ww/security/business/zero-trust/maturity-model-assessment-tool BeyondCorp: Google’s Implementation of Zero Trust https://cloud.google.com/beyondcorp

More Related Content

PDF
Micro segmentation and zero trust for security and compliance - Guardicore an...
byYouAttestSlideshare
 
PPTX
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
byMaganathin Veeraragaloo
 
PDF
NIST Zero Trust Explained
byrtp2009
 
PPTX
Adopting A Zero-Trust Model. Google Did It, Can You?
byZscaler
 
PPTX
Zero Trust Networks
byPractical Code, LLC
 
PPTX
Zero Trust and Data Security
byCareer Communications Group
 
PPTX
Understanding Zero Trust Security for IBM i
byPrecisely
 
PDF
Zero trust in a hybrid architecture
byHybrid IT Europe
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
byYouAttestSlideshare
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
byMaganathin Veeraragaloo
 
NIST Zero Trust Explained
byrtp2009
 
Adopting A Zero-Trust Model. Google Did It, Can You?
byZscaler
 
Zero Trust Networks
byPractical Code, LLC
 
Zero Trust and Data Security
byCareer Communications Group
 
Understanding Zero Trust Security for IBM i
byPrecisely
 
Zero trust in a hybrid architecture
byHybrid IT Europe
 

What's hot

PDF
Microsoft Zero Trust
byDavid J Rosenthal
 
PPTX
Zero Trust
byBoaz Shunami
 
PPTX
SOC and SIEM.pptx
bySandeshUprety4
 
PPTX
Zero Trust Model
byYash
 
PDF
Cyber threat intelligence ppt
byKumar Gaurav
 
PDF
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
byPriyanka Aash
 
PPTX
The Zero Trust Model of Information Security
byTripwire
 
PDF
DTS Solution - Building a SOC (Security Operations Center)
byShah Sheikh
 
PDF
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
PPTX
Security operation center (SOC)
byAhmed Ayman
 
PDF
Security operations center-SOC Presentation-مرکز عملیات امنیت
byReZa AdineH
 
PDF
Security architecture
byDuncan Unwin
 
PDF
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
byIvanti
 
PDF
Building a Cyber Security Operations Center for SCADA/ICS Environments
byShah Sheikh
 
PPSX
Application Security: AI LLMs and ML Threats & Defenses
byRobert Grupe, CSSLP CISSP PE PMP
 
PDF
IBM QRadar Security Intelligence Overview
byCamilo Fandiño Gómez
 
PDF
Rothke secure360 building a security operations center (soc)
byBen Rothke
 
PPTX
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
PDF
Microsoft Azure Sentinel
byBGA Cyber Security
 
PDF
Threat Intelligence
byDeepak Kumar (D3)
 
Microsoft Zero Trust
byDavid J Rosenthal
 
Zero Trust
byBoaz Shunami
 
SOC and SIEM.pptx
bySandeshUprety4
 
Zero Trust Model
byYash
 
Cyber threat intelligence ppt
byKumar Gaurav
 
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
byPriyanka Aash
 
The Zero Trust Model of Information Security
byTripwire
 
DTS Solution - Building a SOC (Security Operations Center)
byShah Sheikh
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
Security operation center (SOC)
byAhmed Ayman
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
byReZa AdineH
 
Security architecture
byDuncan Unwin
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
byIvanti
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
byShah Sheikh
 
Application Security: AI LLMs and ML Threats & Defenses
byRobert Grupe, CSSLP CISSP PE PMP
 
IBM QRadar Security Intelligence Overview
byCamilo Fandiño Gómez
 
Rothke secure360 building a security operations center (soc)
byBen Rothke
 
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
Microsoft Azure Sentinel
byBGA Cyber Security
 
Threat Intelligence
byDeepak Kumar (D3)
 

Similar to Zero Trust : How to Get Started

PDF
What is the Zero Trust Security Model, How Does It Work, and Why Is It Import...
byDina G
 
PPTX
Zero-Trust-Architecture-Reimagining-Network-Security.pptx
byyash98012
 
PDF
Zero Trust Network Security- A Modern Approach to Cyber Defense (1).pdf
byjvinay0898
 
PPTX
SEMINAR ghajkakqkqkvnnkamsmAJAY PPT.pptx
byprasanna212623
 
PDF
The 1st Step to Zero Trust: Asset Management for Cybersecurity
bynathan-axonius
 
PDF
What Is Zero Trust Architecture and Why Do You Need It.pdf
byMesh Security
 
PPTX
Zero Trust: Redefining Security in the Digital Age
byArnold Antoo
 
PDF
Why Zero Trust Yields Maximum Security
byPriyanka Aash
 
PPTX
Zero Trust Cyber Security | Zero Trust Security Solutions
byLumiverse Solutions Pvt Ltd
 
PDF
Understanding Zero Trust Network Security_ A Comprehensive Guide.pdf
byshitolesonam7
 
PDF
Secure modern environments and enable digital transformation by Zero Trust Cy...
byITconsultingfirmnj
 
PPTX
What is zero trust model (ztm)
byAhmed Banafa
 
PDF
Zero Trust Best Practices for Kubernetes
byNGINX, Inc.
 
DOCX
What is zero trust model of information security?
byAhmed Banafa
 
PDF
How Zero Trust Can Protect Your Business from Cyber Attacks
byDataSpace Academy
 
PDF
Zero Trust Network Security- A New Era of Cyber Defense.pdf
byjvinay0898
 
PPTX
Zero_Trust_Presentation_Microsoft_365_Architecture
bynalan17
 
PPTX
The Importance of Zero Trust Security in Modern.pptx
byissahakukuwerej
 
PDF
[Round table] zeroing in on zero trust architecture
byDenise Bailey
 
PDF
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
bynull - The Open Security Community
 
What is the Zero Trust Security Model, How Does It Work, and Why Is It Import...
byDina G
 
Zero-Trust-Architecture-Reimagining-Network-Security.pptx
byyash98012
 
Zero Trust Network Security- A Modern Approach to Cyber Defense (1).pdf
byjvinay0898
 
SEMINAR ghajkakqkqkvnnkamsmAJAY PPT.pptx
byprasanna212623
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
bynathan-axonius
 
What Is Zero Trust Architecture and Why Do You Need It.pdf
byMesh Security
 
Zero Trust: Redefining Security in the Digital Age
byArnold Antoo
 
Why Zero Trust Yields Maximum Security
byPriyanka Aash
 
Zero Trust Cyber Security | Zero Trust Security Solutions
byLumiverse Solutions Pvt Ltd
 
Understanding Zero Trust Network Security_ A Comprehensive Guide.pdf
byshitolesonam7
 
Secure modern environments and enable digital transformation by Zero Trust Cy...
byITconsultingfirmnj
 
What is zero trust model (ztm)
byAhmed Banafa
 
Zero Trust Best Practices for Kubernetes
byNGINX, Inc.
 
What is zero trust model of information security?
byAhmed Banafa
 
How Zero Trust Can Protect Your Business from Cyber Attacks
byDataSpace Academy
 
Zero Trust Network Security- A New Era of Cyber Defense.pdf
byjvinay0898
 
Zero_Trust_Presentation_Microsoft_365_Architecture
bynalan17
 
The Importance of Zero Trust Security in Modern.pptx
byissahakukuwerej
 
[Round table] zeroing in on zero trust architecture
byDenise Bailey
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
bynull - The Open Security Community
 

More from EyesOpen Association

PDF
COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
byEyesOpen Association
 
PDF
Ransomware : Challenges and best practices
byEyesOpen Association
 
PDF
Gestion des Incidents: prendre le contrôle de votre processus
byEyesOpen Association
 
PDF
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
byEyesOpen Association
 
PDF
Case studies in cybersecurity strategies
byEyesOpen Association
 
PDF
Cyber and information security operations and assurance
byEyesOpen Association
 
PDF
CTFaaS pour la cybereducation
byEyesOpen Association
 
PDF
Phishing mails: Bonnes pratiques
byEyesOpen Association
 
PDF
Internal and External threats to a corporate network : Bypassing perimeter de...
byEyesOpen Association
 
PDF
Cybersecurity Competencies and the Future of Work
byEyesOpen Association
 
PDF
Approche de sécurisation des identités: Cas de Active Directory
byEyesOpen Association
 
PDF
Cyber threat intelligence avec Open CTI
byEyesOpen Association
 
PDF
Le rôle de la sensibilisation et de la formation à la cybersécurité
byEyesOpen Association
 
PDF
Cyber psychology: Understand your cyber security mental health culture
byEyesOpen Association
 
PDF
La sécurité des API: Quand les mauvais élèves entrent en piste.
byEyesOpen Association
 
PDF
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
byEyesOpen Association
 
PDF
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
byEyesOpen Association
 
PDF
Report: Digital Transformation and Application Security Posture in West and C...
byEyesOpen Association
 
PDF
Effective Information Security Risk and Controls Management
byEyesOpen Association
 
PDF
Cybersecurity in Mergers and Acquisitions (M&A)
byEyesOpen Association
 
COLLECT AND ANALYZE RAM FOR DIGITAL INVESTIGATION
byEyesOpen Association
 
Ransomware : Challenges and best practices
byEyesOpen Association
 
Gestion des Incidents: prendre le contrôle de votre processus
byEyesOpen Association
 
Art du threat Modeling : Modéliser les menaces informatiques avec la méthode ...
byEyesOpen Association
 
Case studies in cybersecurity strategies
byEyesOpen Association
 
Cyber and information security operations and assurance
byEyesOpen Association
 
CTFaaS pour la cybereducation
byEyesOpen Association
 
Phishing mails: Bonnes pratiques
byEyesOpen Association
 
Internal and External threats to a corporate network : Bypassing perimeter de...
byEyesOpen Association
 
Cybersecurity Competencies and the Future of Work
byEyesOpen Association
 
Approche de sécurisation des identités: Cas de Active Directory
byEyesOpen Association
 
Cyber threat intelligence avec Open CTI
byEyesOpen Association
 
Le rôle de la sensibilisation et de la formation à la cybersécurité
byEyesOpen Association
 
Cyber psychology: Understand your cyber security mental health culture
byEyesOpen Association
 
La sécurité des API: Quand les mauvais élèves entrent en piste.
byEyesOpen Association
 
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
byEyesOpen Association
 
Cyberguerre et Cyberdéfense: les nouveaux enjeux pour l’Afrique
byEyesOpen Association
 
Report: Digital Transformation and Application Security Posture in West and C...
byEyesOpen Association
 
Effective Information Security Risk and Controls Management
byEyesOpen Association
 
Cybersecurity in Mergers and Acquisitions (M&A)
byEyesOpen Association
 

Recently uploaded

PPTX
VBYLD 2026 - Template Presentation .pptx_20251212_021639_0000 (1).pptx
byp9745542
 
PPTX
2025-12-14 Moses 11 (shared slides).pptx
byDale Wells
 
PDF
Bank Negara Indonesia (BNI) Corporate Presentation 1H 2024
bySofiaWENugrahani
 
PPTX
Leveraging Evidence and Policy to Advance NUS Integration in Food Systems - I...
byFrancois Stepman
 
PDF
Blueprint to build quality before the code exists - StackConnect Milan 2025
byLudovico Besana
 
PPTX
Patterns of nursing education in india.pptx
byPrernajaswal3
 
PPTX
Bob Stewart Interruptions 12 14 2025.pptx
byFamilyWorshipCenterD
 
PPTX
Tagging is dead, meet their weird cousin Service Groups
bystijn40
 
PPTX
PANCHAYATI RAJ INSTITUTION nursing .pptx
byPrernajaswal3
 
PDF
How to Safely Buy Instagram Accounts in 2026.pdf
byusatrust acc
 
PDF
Bank Negara Indonesia (BNI) Corporate Presentation 3Q2025
bySofiaWENugrahani
 
PDF
Steering Committee meeting Global Forum on Agricultural Research and Innovation
byFrancois Stepman
 
PDF
OSMC 2025: Current State of Icinga by Bernd Erk.pdf
byNETWAYS
 
PDF
Generation and Storage Modeling Presentation
byCoalesce
 
PPTX
Novel Optimization – Evolutionary Algorithms​.pptx
byCoalesce
 
PPTX
Agribusiness education, NUS-focused curriculum reform, and youth enterprise d...
byFrancois Stepman
 
PDF
5 Ways to Stop People From Scrolling & Make Them Stay
bysreelalss91
 
PDF
Events Portfolio Smart Web Agency - Event Technologist
byRehan Ahmed
 
PDF
The Power of Cultural Awareness & Role Modeling
byRichard Dolman
 
PPTX
this document provide the information about lines & angles of class 9th
byanjalichauhan126150
 
VBYLD 2026 - Template Presentation .pptx_20251212_021639_0000 (1).pptx
byp9745542
 
2025-12-14 Moses 11 (shared slides).pptx
byDale Wells
 
Bank Negara Indonesia (BNI) Corporate Presentation 1H 2024
bySofiaWENugrahani
 
Leveraging Evidence and Policy to Advance NUS Integration in Food Systems - I...
byFrancois Stepman
 
Blueprint to build quality before the code exists - StackConnect Milan 2025
byLudovico Besana
 
Patterns of nursing education in india.pptx
byPrernajaswal3
 
Bob Stewart Interruptions 12 14 2025.pptx
byFamilyWorshipCenterD
 
Tagging is dead, meet their weird cousin Service Groups
bystijn40
 
PANCHAYATI RAJ INSTITUTION nursing .pptx
byPrernajaswal3
 
How to Safely Buy Instagram Accounts in 2026.pdf
byusatrust acc
 
Bank Negara Indonesia (BNI) Corporate Presentation 3Q2025
bySofiaWENugrahani
 
Steering Committee meeting Global Forum on Agricultural Research and Innovation
byFrancois Stepman
 
OSMC 2025: Current State of Icinga by Bernd Erk.pdf
byNETWAYS
 
Generation and Storage Modeling Presentation
byCoalesce
 
Novel Optimization – Evolutionary Algorithms​.pptx
byCoalesce
 
Agribusiness education, NUS-focused curriculum reform, and youth enterprise d...
byFrancois Stepman
 
5 Ways to Stop People From Scrolling & Make Them Stay
bysreelalss91
 
Events Portfolio Smart Web Agency - Event Technologist
byRehan Ahmed
 
The Power of Cultural Awareness & Role Modeling
byRichard Dolman
 
this document provide the information about lines & angles of class 9th
byanjalichauhan126150
 

Zero Trust : How to Get Started

  • 2.
    1.Overview of ZeroTrust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 3.
    Trust: Human interactions areguided by the concept of trust Overview of Zero Trust
  • 4.
  • 5.
    Overview of ZeroTrust • “Zero Trust Model” was coined by Forrester Research analyst and thought-leader John Kindervag in 2010 • “never trust, always verify.” • based on the assumption that risk is an inherent factor both inside and outside the network.
  • 6.
  • 7.
    1.Overview of ZeroTrust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 8.
    Why Does ZeroTrust Matter? • The human concept of boundaries or the perimeter • The evolving nature of risk and threats
  • 9.
    Why Does ZeroTrust Matter? The human concept of boundaries or the perimeter
  • 10.
    Why Does ZeroTrust Matter? The human concept of boundaries or the perimeter Change of tactics. Breach from the INSIDE!
  • 11.
    Why Does ZeroTrust Matter? The evolving nature of risk and threats – LANDSCAPE SHIFT
  • 12.
    Why Does ZeroTrust Matter? LANDSCAPE SHIFT – Information & Technology
  • 13.
    Why Does ZeroTrust Matter? Business Challenges: Increased access, attack surface & gaps in visibility
  • 14.
    1.Overview of ZeroTrust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 15.
    Principles of ZeroTrust Traditional Zero Trust Move away from • Assumptions • Implicit Trust Move towards • Strong authentication • Context • Explicit Trust
  • 16.
    Principles of ZeroTrust Focuses on protection of data, not on attacks Assumes all environments are hostile and breached No access device until user + device is proven “trusted” Authorize and encrypt all transactions and flows All activity is logged
  • 17.
    7 Zero TrustFoundational Rules 1. All data sources and computing services are considered resources. 2. All communication is secured regardless of network location. 3. Access to individual enterprise resources is granted on a per-session basis. 4. Access to resources is determined by dynamic policy. 5. The enterprise monitors and measures the integrity and security posture of all owned and associated assets. 6. All resource authentication and authorization is dynamic and strictly enforced before access is allowed. 7. The enterprise collects as much information as possible about the current state of assets, network infrastructure and communications, and uses it to improve its security posture. Source: NIST Special Publication (SP) 800-207 (2020), Zero Trust Architecture Principles of Zero Trust
  • 18.
    Principles of ZeroTrust Source: NIST SP 800-207 ZERO TRUST ARCHITECTURE
  • 19.
    Principles of ZeroTrust Types of Trust Algorithms • Criteria- versus score-based • Singular versus contextual”
  • 20.
  • 21.
    1.Overview of ZeroTrust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 22.
    Getting Started • Whatare your ‘crown jewels’? • Where are they? • Who looks after them?
  • 23.
  • 24.
    Getting Started Users &Devices • MFA • Biometrics • PKI • IoT Apps & Data • Data Classification • DLP • Microservices • APIs • DevSecOps Networks • Microsegmentation • Cloud • SD-WAN • SASE
  • 25.
    1.Overview of ZeroTrust 2.Why Does Zero Trust Matter? 3.Principles of Zero Trust 4.Getting Started 5.Conclusion PLAN
  • 26.
    Conclusion • The perimeterno longer exists • Identity and credentials are the new perimeter • Assume breach • Insiders carry the greatest risk – as targets and as threats • Start your Zero-Trust Initiative with Zero-Trust Thinking • Automate & Orchestrate your Security Policy
  • 27.
  • 28.
    M E RC I ! T H A N K Y O U ! QUESTIONS ?
  • 29.